Integrating Network and Attack Graphs for Service-Centric Impact Analysis

cs.CR arXiv:2507.00637

Abstract

Cyberattacks on enterprise networks exploit complex dependencies among infrastructure, services, and applications, which challenge traditional analysis methods that focus on attack paths or network topology in isolation. In this study, we introduce a novel probabilistic multilayer modelling framework, based on influence propagation in networks, that integrates attack graphs with the communication network topology, enabling a service-centric impact analysis of cyberattacks. Our method captures both vulnerability exploitability and network connectivity, allowing us to assess the likelihood of attack propagation and cumulative impacts across interconnected services. By integrating standard vulnerability metrics (such as CVSS) with network-level connectivity probabilities, the framework provides a cohesive view of the dynamics of cyberattacks. We validate this approach using a realistic case study of an enterprise network, demonstrating its ability to determine critical nodes, vulnerabilities, and service dependencies that significantly influence attack outcomes. Our findings show that integrating network and attack graph perspectives offers more actionable insights into risk assessment and mitigation planning, advancing the analysis of cyberattacks in complex networked environments.
