Impact-Driven Sampling Strategies for Hybrid Attack Graphs

Cyber-Physical Systems (CPSs) have a large input space, with discrete and continuous elements across multiple layers. Hybrid Attack Graphs (HAGs) provide a flexible and efficient approach to generate attack sequences for a CPS. Analysis and testing of large-scale HAGs are prohibitively costly. To address scalability and analysis challenges of HAG generation, it is required to reduce the HAG size via sampling. Existing sampling techniques provide probabilistic sampling and do not consider the complete coverage of different types of vulnerabilities. Moreover, they do not consider the impact of successful attacks. In this work, we propose a sampling algorithm that is impact driven and coverage aware. In addition, we provide several sampling strategies for cyber-security experts to inquire about potential attacks. The experimental results performed on both synthetic and real-world graphs show that our sampling method reduces up to 50% of nodes and 86% edges while retaining all vulnerability types across different attack graph representations and graph generators.