Abstract:The attack graph correlates related vulnerabilities and shows potential attack paths,which is a kind of vulnerability analysis technologies.Existing methods are usually based on backward searching,which find all possible attack paths to analyze network security.Based on attack graph and forward searching,we propose an on-the-fly verification method for attack graph.As a supplement to existing methods,our approach is to find one attack path quickly,and usually only needs to construct a small portion of the state space,which relieves the memory shortage and state space explosion.The experimental results show good performance and scalability of the approach.