A Minimum Cost of Network Hardening Model Based on Attack Graphs

被引：6

作者：

Ma Jun-chun ^{[1
,2
]}

Wang Yong-jun ^{[1
]}

Sun Ji-yin ^{[2
]}

Chen Shan ^{[2
]}

机构：

[1] NUDT, Sch Comp Sci, Changsha 410073, Hunan, Peoples R China

[2] Hightech Res Inst Hongqing town, Xian 710025, Peoples R China

来源：

CEIS 2011 | 2011年 / 15卷

基金：

中国国家自然科学基金;

关键词：

network security; attack graphs; bidirectional-based search; genetic algorithms; minimum-cost;

D O I：

10.1016/j.proeng.2011.08.606

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In order to improve network's security, a minimum cost of network hardening model (MCNHM) based on attack graphs is presented. Firstly, the bidirectional-based search strategy is used to search the network vulnerabilities' relationship, which improves the generation efficiency of attack graphs, and reduces the system resource consumption; Secondly, this model gives the formal definition of minimum-cost of network hardening; Finally, it combines attack graphs and genetic algorithm, and transforms the problem of minimum cost of network hardening to a non-restraint optimization problem with penalty by establishing the corresponding mathematical model, which guarantees the network security with the least cost. This model is an important component of the National High-Tech Research and Development Plan of China, under Grant No. 2009AA01Z432, a great of experimental results show that this model can find the minimum cost of target network, so it can help network security managers carry on safety protection in pertinence, and has important practical significance. (C) 2011 Published by Elsevier Ltd. Selection and/or peer-review under responsibility of [CEIS 2011]

引用

页数：7

共 50 条

[1] Minimum-cost network hardening using attack graphs
Wang, Lingyu
Noel, Steven
Jajodia, Sushil
[J]. COMPUTER COMMUNICATIONS, 2006, 29 (18) : 3812 - 3824
[2] An Efficient Approach to Minimum-Cost Network Hardening Using Attack Graphs
Chen, Feng
Wang, Lingyu
Su, Jinshu
[J]. FOURTH INTERNATIONAL SYMPOSIUM ON INFORMATION ASSURANCE AND SECURITY, PROCEEDINGS, 2008, : 209 - +
[3] A Novel Minimum Cost of Network Hardening Model
Ma, Jun-Chun
Chen, Shan
Li, Min
[J]. 2015 International Conference on Software Engineering and Information System (SEIS 2015), 2015, : 347 - 354
[4] Efficient minimum-cost network hardening via exploit dependency graphs
Noel, S
Jajodia, S
O'Berry, B
Jacobs, M
[J]. 19TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 2003, : 86 - 95
[5] A Generation Method of Network Security Hardening Strategy Based on Attack Graphs
Zhao, Chao
Wang, Huiqiang
Lin, Junyu
Lv, Hongwu
Zhang, Yushu
[J]. INTERNATIONAL JOURNAL OF WEB SERVICES RESEARCH, 2015, 12 (01) : 45 - 61
[6] Cost-Aware Network Hardening with Limited Budget using Compact Attack Graphs
Yigit, Beytullah
Gur, Gurkan
Alagoz, Fatih
[J]. 2014 IEEE MILITARY COMMUNICATIONS CONFERENCE: AFFORDABLE MISSION SUCCESS: MEETING THE CHALLENGE (MILCOM 2014), 2014, : 152 - 157
[7] Time-Efficient and Cost-Effective Network Hardening Using Attack Graphs
Albanese, Massimiliano
Jajodia, Sushil
Noel, Steven
[J]. 2012 42ND ANNUAL IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS (DSN), 2012,
[8] Minimum-cost network hardening algorithm based on stochastic loose optimize strategy
Department of Language Engineering, PLA University of Foreign Languages, Luoyang
471003, China
不详
410073, China
[J]. Tongxin Xuebao, 1
[9] A defense algorithm against an active network attack with minimum cost
Ma, Xiao
[J]. Harbin Gongcheng Daxue Xuebao/Journal of Harbin Engineering University, 2020, 41 (09): : 1405 - 1410
[10] Partial Cuts in Attack Graphs for Cost Effective Network Defence
Sawilla, Reginald
Skillicorn, David
[J]. 2012 IEEE INTERNATIONAL CONFERENCE ON TECHNOLOGIES FOR HOMELAND SECURITY, 2012, : 291 - 297

← 1 2 3 4 5 →