Defense scheme generation method using mixed path attack graph

The common properties of known vulnerability were discussed; the formal description of vulnerability and its exploiting rule were proposed. A mixed path attack graph (MPAG) model was constructed to extend the description semantic of attack graph. MPAG could describe the hidden attack path introduced by 0-day vulnerability and the explicit one introduced by known vulnerability in the same attack graph. Also, the risk of 0-day vulnerability exploiting ratio was calculated. At last, based on MPAG and multi-objective theory, the method of defense scheme generation was proposed, which could generate defense scheme cost and risk balanced. The experiment shows that MAPG could describe hidden attack path, and new known vulnerabilities, which are not exploited in traditional attack graph, may be introduced in MPAG; the ratio of path cover of defense scheme generated based on MPAG is better, and the method can help the security manager find out the omission of defense measure library. © 2017, Zhejiang University Press. All right reserved.