Network security assessment using a semantic reasoning and graph based approach

被引：22

作者：

Wu, Songyang ^{[1
]}

Zhang, Yong ^{[1
]}

Cao, Wei ^{[1
]}

机构：

[1] Third Res Inst, Minist Publ Secur, Shanghai 201204, Peoples R China

来源：

COMPUTERS & ELECTRICAL ENGINEERING | 2017年 / 64卷

基金：

中国国家自然科学基金;

关键词：

Network security; Security ontology; Attack graph; Semantic reasoning; ONTOLOGY; MANAGEMENT;

D O I：

10.1016/j.compeleceng.2017.02.001

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Owing to the high value of business data, sophisticated cyber-attacks targeting enterprise networks have become more prominent, with attackers trying to penetrate deeper into and reach wider from the compromised machines. An important security requirement is that domain experts and network administrators have a common vocabulary to share security knowledge and quickly help each other respond to new threats. We propose an innovative ontology and graph-based approach for security assessment. An ontology is designed to represent security knowledge such as that of assets, vulnerabilities, and attacks in a common form. Using the inference abilities of the ontological model, an efficient system framework is proposed to generate attack graphs and assess network security. The performance of the proposed system is evaluated on test networks of differing sizes and topologies. (C) 2017 Elsevier Ltd. All rights reserved.

引用

页码：96 / 109

页数：14

共 50 条

[1] An Approach for Security Assessment of Network Configurations using Attack Graph
Ghosh, Nirnay
Ghosh, S. K.
[J]. 2009 FIRST INTERNATIONAL CONFERENCE ON NETWORKS & COMMUNICATIONS (NETCOM 2009), 2009, : 283 - 288
[2] SRLGRN: Semantic Role Labeling Graph Reasoning Network
Zheng, Chen
Kordjamshidi, Parisa
[J]. PROCEEDINGS OF THE 2020 CONFERENCE ON EMPIRICAL METHODS IN NATURAL LANGUAGE PROCESSING (EMNLP), 2020, : 8881 - 8891
[3] Network Security Risk Assessment Based on Attack Graph
Xie, Lixia
Zhang, Xiao
Zhang, Jiyong
[J]. JOURNAL OF COMPUTERS, 2013, 8 (09) : 2339 - 2347
[4] Management of security policy configuration using a Semantic Threat Graph approach
Foley, Simon
Fitzgerald, William
[J]. JOURNAL OF COMPUTER SECURITY, 2011, 19 (03) : 567 - 605
[5] Toward Reasoning about Security Protocols: A Semantic Approach
Hommersom, Arjen
Meyer, John-Jules
de Vink, Erik
[J]. ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2005, 126 : 53 - 75
[6] Semantic Relation Graph Reasoning Network for Visual Question Answering
Lan, Hong
Zhang, Pufen
[J]. TWELFTH INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING SYSTEMS, 2021, 11719
[7] An approach for network security analysis using logic exploitation graph
Mao, Han-dong
Zhang, Wei-Ming
Feng, Chen
[J]. 2007 CIT: 7TH IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY, PROCEEDINGS, 2007, : 761 - +
[8] An approach to evaluate network security risk based on attack graph
Hu, Xiaoyun
Yu, Yang
Xia, Chunhe
[J]. PROCEEDINGS OF THE 2016 4TH INTERNATIONAL CONFERENCE ON ELECTRICAL & ELECTRONICS ENGINEERING AND COMPUTER SCIENCE (ICEEECS 2016), 2016, 50 : 1235 - 1238
[9] Research on Network Security Risk Assessment Method Based on Bayesian Reasoning
Li, Xiangna
Li, Mengao
Wang, Hui
[J]. PROCEEDINGS OF 2019 IEEE 9TH INTERNATIONAL CONFERENCE ON ELECTRONICS INFORMATION AND EMERGENCY COMMUNICATION (ICEIEC 2019), 2019, : 102 - 108
[10] Network security threat assessment method based on unsupervised generation reasoning
Yang, Hongyu
Wang, Fengyan
Lü, Weili
[J]. Qinghua Daxue Xuebao/Journal of Tsinghua University, 2020, 60 (06): : 474 - 484

← 1 2 3 4 5 →