{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,14]],"date-time":"2026-03-14T17:55:13Z","timestamp":1773510913073,"version":"3.50.1"},"reference-count":23,"publisher":"Breda Publishing Press","issue":"6","license":[{"start":{"date-parts":[[2021,6,1]],"date-time":"2021-06-01T00:00:00Z","timestamp":1622505600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Network Security"],"published-print":{"date-parts":[[2021,6]]},"abstract":"<jats:p>An attack graph (AG) is an abstraction that represents the paths by which an attacker could break a security policy, leveraging interdependencies among discovered vulnerabilities. However, current AG implementations are inefficient on large-scale networks. The increase of the number of hosts in networks causes an increase in the time it takes to generate the AG, especially the calculation time and the complexity of determining reachability.<\/jats:p><jats:p>An attack graph (AG) is an abstraction that represents the paths by which an attacker could break a security policy, leveraging interdependencies among discovered vulnerabilities.<\/jats:p><jats:p>However, current AG implementations are inefficient on large-scale networks. The increase of the number of hosts in networks causes an increase in the time it takes to generate the AG, especially the calculation time and the complexity of determining reachability. In this article, the authors examine techniques that calculate the reachability using a matrix or a hyper-graph.<\/jats:p>","DOI":"10.1016\/s1353-4858(21)00065-9","type":"journal-article","created":{"date-parts":[[2021,6,18]],"date-time":"2021-06-18T02:07:05Z","timestamp":1623982025000},"page":"13-19","source":"Crossref","is-referenced-by-count":11,"title":["Attack graph reachability: concept, analysis, challenges and issues"],"prefix":"10.70985","volume":"2021","author":[{"given":"Zaid J","family":"Al-Araji","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sharifah Sakinah Syad","family":"Ahmed","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Raihana Syahirah","family":"Abdullah","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ammar Awad","family":"Mutlag","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hayder Adil Abdul","family":"Raheem","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Siti Rohanah Hasan","family":"Basri","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"51855","reference":[{"key":"bib2","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1016\/j.jisa.2016.02.001","volume":"29","author":"Kaynar K","year":"2016","journal-title":"Journal of Information Security and Applications"},{"key":"bib3","first-page":"135","volume-title":"In\u00a0proceedings of the Eighth ACM Conference on Data and Application Security and Privacy","author":"Aksu MU","year":"2018"},{"key":"bib4","first-page":"174","volume-title":"2nd International Conference on Data Intelligence and Security (ICDIS)","author":"Li M","year":"2019"},{"key":"bib5","doi-asserted-by":"crossref","first-page":"71","DOI":"10.1145\/310889.310919","volume-title":"Proceedings of the 1998 Workshop on New Security Paradigms","author":"Phillips C","year":"1998"},{"issue":"4","key":"bib6","doi-asserted-by":"crossref","first-page":"2704","DOI":"10.1109\/COMST.2017.2745505","volume":"19","author":"Ramos A","year":"2017","journal-title":"IEEE Communications Surveys & Tutorials"},{"key":"bib7","unstructured":"T Hamid \u2018Attack graph approach to dynamic network vulnerability analysis and countermeasures\u2019; 2014: University of Bedfordshire>"},{"key":"bib8","doi-asserted-by":"crossref","first-page":"44","DOI":"10.1007\/978-3-540-85933-8_5","volume-title":"International Workshop on Visualization for Computer Security","volume":"5210","author":"Williams L","year":"2008"},{"issue":"5","key":"bib9","doi-asserted-by":"crossref","first-page":"519","DOI":"10.1109\/TDSC.2015.2423682","volume":"13","author":"Kaynar K","year":"2016","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"bib10","unstructured":"AR Khakpour \u2018Network reachability: quantification, verification, troubleshooting, and optimization\u2019; 2012: Michigan State University, Computer Science and Engineering>"},{"key":"bib11","doi-asserted-by":"crossref","first-page":"117","DOI":"10.1109\/ACSAC.2009.21","volume-title":"2009 Annual Computer Security Applications Conference","author":"Ingols K","year":"2009"},{"key":"bib12","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1109\/EuroSP.2018.00015","volume-title":"2018 IEEE European Symposium on Security and Privacy (EuroS&P)","author":"Bodei C","year":"2018"},{"key":"bib13","doi-asserted-by":"crossref","first-page":"217","DOI":"10.1109\/DESEC.2017.8073810","volume-title":"2017 IEEE Conference on Dependable and Secure Computing","author":"Rengaraju P","year":"2017"},{"key":"bib14","first-page":"706","volume":"2018","author":"Jamar R","year":"2017","journal-title":"2nd IEEE International Conference on Recent Trends in Electronics, Information & Communication Technology (RTEICT)"},{"key":"bib15","doi-asserted-by":"crossref","first-page":"164","DOI":"10.1109\/SECPRI.1996.502679","volume-title":"Proceedings 1996 IEEE Symposium on Security and Privacy","author":"Blaze M","year":"1996"},{"issue":"3","key":"bib16","first-page":"48","volume":"1","author":"Lamba A","year":"2014","journal-title":"SSRN Electron. J"},{"issue":"4","key":"bib17","doi-asserted-by":"crossref","first-page":"687","DOI":"10.1016\/j.adhoc.2010.09.005","volume":"9","author":"Almen\u00e1rez F","year":"2011","journal-title":"Ad Hoc Networks"},{"issue":"4","key":"bib18","first-page":"17","volume":"44","author":"Li R","year":"2009","journal-title":"Eksploatacja i"},{"issue":"6","key":"bib19","doi-asserted-by":"crossref","first-page":"559","DOI":"10.14429\/dsj.66.10795","volume":"66","author":"Barik MS","year":"2016","journal-title":"Defence Science Journal"},{"issue":"8","key":"bib20","first-page":"104","author":"Roschke S","year":"2010","journal-title":"Sixth International Conference on Information Assurance and Security"},{"key":"bib21","doi-asserted-by":"crossref","first-page":"350","DOI":"10.1109\/CSAC.2004.11","volume-title":"20th Annual Computer Security Applications Conference","author":"Noel S","year":"2004"},{"key":"bib22","first-page":"121","volume-title":"22nd Annual Computer Security Applications Conference (ACSAC\u201906)","author":"Ingols K","year":"2006"},{"issue":"2","key":"bib23","doi-asserted-by":"crossref","first-page":"466","DOI":"10.1109\/MINES.2009.43","volume":"2","author":"Zhao Y","year":"2009","journal-title":"2009 International Conference on Multimedia Information Networking and Security"},{"key":"bib24","doi-asserted-by":"crossref","first-page":"3227","DOI":"10.1016\/j.proeng.2011.08.606","volume":"15","author":"Ma JC","year":"2011","journal-title":"Procedia Engineering"}],"container-title":["Network Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1353485821000659?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S1353485821000659?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/www.magonlinelibrary.com\/doi\/pdf\/10.1016\/S1353-4858%2821%2900065-9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,3]],"date-time":"2024-12-03T22:21:20Z","timestamp":1733264480000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.magonlinelibrary.com\/doi\/10.1016\/S1353-4858%2821%2900065-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,6]]},"references-count":23,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2021,6]]}},"alternative-id":["10.1016\/S1353-4858(21)00065-9"],"URL":"https:\/\/doi.org\/10.1016\/s1353-4858(21)00065-9","relation":{},"ISSN":["1353-4858","1872-9371"],"issn-type":[{"value":"1353-4858","type":"print"},{"value":"1872-9371","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,6]]}}}