MulVAL attack graph tool evaluation, advantages, and disadvantages

Abstract

Computer networks have become increasingly sophisticated, which has posed challenges for network security management. Attack graphs are a popular method for analysing vulnerabilities in networks. Multihost multistage vulnerability analysis (MulVAL) is a generic framework that is widely used for analysing attacks. This study evaluated the effectiveness of MulVAL by measuring the following features: detecting rate, false positives/negatives, performance speed, scalability, and reporting capability. MulVAL was compared with alternative frameworks, which showed several advantages, such as scalability and comprehensive reports. The drawbacks of MulVAL’s disadvantages include its complexity and the difficulty in using the tool effectively. Based on these findings, recommendations for future work are provided.