Reverse Search Based Network Attack Graph Generation

General network attack graph has a large state space. It affects the efficiency of network attack graph generation greatly. In order to solve this problem, a reverse search based network attack graph generation method is proposed. It starts from the target hosts that the goal of attackers, by analyzing the vulnerabilities and connectivity of them, finds all the middleman hosts, then repeats the search process until the hosts hold by the attackers are reached. In this way, numbers of attack chains are got, and they construct the attack graph. The method focuses on the handful of main targets and cuts down large number of unnecessary network states. By this way, the attack graph is generated quickly and effectively.