Attack graph modeling for web application vulnerability representation and analysis

Abstract

Web application vulnerabilities pose a high risk for both end-users and sensitive data. In this thesis, we propose the use of graph theory notions as a tool to model web applications and their associated vulnerabilities as an attack graph. By representing web applications as attack graphs, we can gain a comprehensive understanding of their components and related vulnerabilities, which can be crucial in developing effective defensive and offensive strategies. To construct the attack graph, we suggest various techniques, including crawlers, vulnerability assessment tools, and manual penetration testing. We also introduce the use of graph algorithms to analyze the web application attack graph and provide a quantitative assessment of the likelihood and severity of various vulnerabilities. This information can be invaluable in making informed decisions about the prioritization of security measures from the point of view of the defensive team, or optimize the finding of attack paths for the offensive team. In addition, we apply mathematical frameworks for different analysis. To facilitate the practical application of our theoretical model, we propose the use of graph databases to efficiently query large graphs, generate useful insights and identify potential attack paths for exploitation. The goal is to leverage graph theory in order to improve the security of web applications.