Abstract: The present disclosure discloses method and an attack path prediction system for predicting an attack path in a computer network. The attack path prediction system receives static and dynamic data associated with a source node attacked in computer network along with static and dynamic risk attributes of one or more vulnerabilities associated with one or more target nodes reachable from source node. A likelihood score is calculated for each of one or more vulnerabilities associated with one or more target nodes in relation to each of one or more vulnerabilities associated with source node based on static and dynamic risk attributes. Additionally, a prediction score is calculated for each of one or more vulnerabilities associated with target nodes based on corresponding likelihood score and static and dynamic risk attributes. Thereafter, based on prediction score, the attack path is predicted between the source node and one or more target nodes.

Abstract: The present disclosure discloses method and an attack path prediction system for predicting an attack path in a computer network. The attack path prediction system receives static and dynamic data associated with a source node attacked in computer network along with static and dynamic risk attributes of one or more vulnerabilities associated with one or more target nodes reachable from source node. A likelihood score is calculated for each of one or more vulnerabilities associated with one or more target nodes in relation to each of one or more vulnerabilities associated with source node based on static and dynamic risk attributes. Additionally, a prediction score is calculated for each of one or more vulnerabilities associated with target nodes based on corresponding likelihood score and static and dynamic risk attributes. Thereafter, based on prediction score, the attack path is predicted between the source node and one or more target nodes.