I have been interested in graph theory since I worked for the railroad back in the 90’s and even further back when I was working on my degree in the 80’s. Last year, as a side project (we all seem to have them), I asked the question “Has graph theory been applied to cybersecurity”. The answer was yes. I discovered 10’s of papers, some great and some not so good, but many more then I realized existed. I also found sample code, working templates and even two commercial products.
After my IPv6 presentation was not accepted for Schmoocon 2012, I decided to present my attack graph findings at the NOVAHA ShmooCon Epilogue event. The event was great, I learned things from all of the speakers, and had many good side discussions.
Here is the video, if you are interested.
Other videos from the event can be found here:
Special thanks to Georgia for video taping the conference!
Do you know whether your computers are actively using IPv6 or not? Better check, as the bad guys probably already know. Michael Kassner explains how that might be exploited.