Saved in:
Bibliographic Details
Main Authors: Podder, Rakesh, Caglar, Turgay, Bashir, Shadaab Kawnain, Sreedharan, Sarath, Ray, Indrajit, Ray, Indrakshi
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2506.01227
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866912409116999680
author Podder, Rakesh
Caglar, Turgay
Bashir, Shadaab Kawnain
Sreedharan, Sarath
Ray, Indrajit
Ray, Indrakshi
author_facet Podder, Rakesh
Caglar, Turgay
Bashir, Shadaab Kawnain
Sreedharan, Sarath
Ray, Indrajit
Ray, Indrakshi
contents Graph-based frameworks are often used in network hardening to help a cyber defender understand how a network can be attacked and how the best defenses can be deployed. However, incorporating network connectivity parameters in the attack graph, reasoning about the attack graph when we do not have access to complete information, providing system administrator suggestions in an understandable format, and allowing them to do what-if analysis on various scenarios and attacker motives is still missing. We fill this gap by presenting SPEAR, a formal framework with tool support for security posture evaluation and analysis that keeps human-in-the-loop. SPEAR uses the causal formalism of AI planning to model vulnerabilities and configurations in a networked system. It automatically converts network configurations and vulnerability descriptions into planning models expressed in the Planning Domain Definition Language (PDDL). SPEAR identifies a set of diverse security hardening strategies that can be presented in a manner understandable to the domain expert. These allow the administrator to explore the network hardening solution space in a systematic fashion and help evaluate the impact and compare the different solutions.
format Preprint
id arxiv_https___arxiv_org_abs_2506_01227
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle SPEAR: Security Posture Evaluation using AI Planner-Reasoning on Attack-Connectivity Hypergraphs
Podder, Rakesh
Caglar, Turgay
Bashir, Shadaab Kawnain
Sreedharan, Sarath
Ray, Indrajit
Ray, Indrakshi
Cryptography and Security
Artificial Intelligence
Graph-based frameworks are often used in network hardening to help a cyber defender understand how a network can be attacked and how the best defenses can be deployed. However, incorporating network connectivity parameters in the attack graph, reasoning about the attack graph when we do not have access to complete information, providing system administrator suggestions in an understandable format, and allowing them to do what-if analysis on various scenarios and attacker motives is still missing. We fill this gap by presenting SPEAR, a formal framework with tool support for security posture evaluation and analysis that keeps human-in-the-loop. SPEAR uses the causal formalism of AI planning to model vulnerabilities and configurations in a networked system. It automatically converts network configurations and vulnerability descriptions into planning models expressed in the Planning Domain Definition Language (PDDL). SPEAR identifies a set of diverse security hardening strategies that can be presented in a manner understandable to the domain expert. These allow the administrator to explore the network hardening solution space in a systematic fashion and help evaluate the impact and compare the different solutions.
title SPEAR: Security Posture Evaluation using AI Planner-Reasoning on Attack-Connectivity Hypergraphs
topic Cryptography and Security
Artificial Intelligence
url https://arxiv.org/abs/2506.01227