Chapter 9 Cybersecurity: A Survey of Vulnerability Analysis and Attack Graphs Rachid Ait Maalem Lahcen, Ram Mohapatra and Manish Kumar Abstract The network infrastructure is the most critical technical asset of any organization. This network architecture must be useful, efficient, and secure. How- ever, their cybersecurity challenges are immense as the number of attacks is increas- ing. Consequently, there is a need to have efficient tools to assess the risks, know the vulnerabilities, and find the solutions before the attackers exploit them. The chal- lenges remain in integrating the vulnerability analysis tools in a holistic process that cyber defenders can use to detect an intrusion and respond quickly. Attack graphs showed great importance in analyzing security. In this paper, we present a survey of raised and related topics to the field of vulnerability analysis and attack graphs. Keywords Attack graphs · Cybersecurity · Cyber situational awareness Vulnerability analysis 1 Introduction Enterprise networks continue to struggle with maintenance of network performance, availability, and security [1]. For instance, the Identity Theft Resources Center [2] had recorded 1339 US data breaches in 2017, exposing more than 174,402,528 confidential records. In cumulative view, between January 1, 2005, and December 27, 2017, number of breaches is 8190 with 1,057,771,011 of exposed records. Based on The Federal Bureau Investigation’s (FBI) Internet Crime Complaint Center [3] receives an average of 280,000 complaints each year, or an average of 800 complaints a day, and in 2016 there was a total loss of $1.33 Billion. It is also widely recognized R. Ait Maalem Lahcen · R. Mohapatra (B ) Department of Mathematics, 4000 Central Florida Blvd., Orlando, FL 32816, USA e-mail: ram.mohapatra@ucf.edu R. Ait Maalem Lahcen e-mail: rachid@ucf.edu M. Kumar Department of Mathematics, Birla Institute of Technology and Science-Pilani, Hyderabad Campus, Hyderabad 500078, Telangana, India © Springer Nature Singapore Pte Ltd. 2018 D. Ghosh et al. (eds.), Mathematics and Computing, Springer Proceedings in Mathematics & Statistics 253, https://doi.org/10.1007/978-981-13-2095-8_9 97