Modeling Network Diversity for Evaluating the Robustness of Networks against Zero-Day Attacks

被引：0

作者：

Wang, Lingyu ^{[1
]}

Zhang, Mengyuan ^{[1
]}

Jajodia, Sushil ^{[2
]}

Singhal, Anoop ^{[3
]}

Albanese, Massimiliano ^{[2
]}

机构：

[1] Concordia Univ, Concordia Inst Informat Syst Engn, Montreal, PQ, Canada

[2] George Mason Univ, Ctr Secure Informat Syst, Fairfax, VA 22030 USA

[3] Natl Inst Standards & Technol, Comp Secur Div, Gaithersburg, MD USA

来源：

COMPUTER SECURITY - ESORICS 2014, PT II | 2014年 / 8713卷

基金：

加拿大自然科学与工程研究理事会;

关键词：

Security Metrics; Diversity; Network Security; Zero Day Attack; Network Robustness; DESIGN DIVERSITY; WEB SERVERS; SECURITY; VULNERABILITY; SYSTEM;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The interest in diversity as a security mechanism has recently been revived in various applications, such as Moving Target Defense (MTD), resisting worms in sensor networks, and improving the robustness of network routing. However, most existing efforts on formally modeling diversity have focused on a single system running diverse software replicas or variants. At a higher abstraction level, as a global property of the entire network, diversity and its impact on security have received limited attention. In this paper, we take the first step towards formally modeling network diversity as a security metric for evaluating the robustness of networks against potential zero day attacks. Specifically, we first devise a biodiversity-inspired metric based on the effective number of distinct resources. We then propose two complementary diversity metrics, based on the least and the average attacking efforts, respectively. Finally, we evaluate our algorithm and metrics through simulation.

引用

页码：494 / 511

页数：18

共 50 条

[31] A framework for detecting zero-day exploits in network flows
Toure, Almamy
Imine, Youcef
Semnont, Alexis
Delot, Thierry
Gallais, Antoine
[J]. COMPUTER NETWORKS, 2024, 248
[32] Consensus Forecasting of Zero-Day Vulnerabilities for Network Security
Last, David
[J]. 2016 IEEE INTERNATIONAL CARNAHAN CONFERENCE ON SECURITY TECHNOLOGY (ICCST), 2016, : 290 - 297
[33] An Attack Graph Based Procedure for Risk Estimation of Zero-Day Attacks
Keramati, Marjan
[J]. 2016 8TH INTERNATIONAL SYMPOSIUM ON TELECOMMUNICATIONS (IST), 2016, : 723 - 728
[34] Detection of Zero-Day Attacks in a Software-Defined LEO Constellation Network Using Enhanced Network Metric Predictions
Agnew, Dennis
Rice-Bladykas, Ashlee
Mcnair, Janise
[J]. IEEE Open Journal of the Communications Society, 2024, 5 : 6611 - 6634
[35] Windows Based Data Sets for Evaluation of Robustness of Host Based Intrusion Detection Systems (IDS) to Zero-Day and Stealth Attacks
Haider, Waqas
Creech, Gideon
Xie, Yi
Hu, Jiankun
[J]. FUTURE INTERNET, 2016, 8 (03)
[36] Zero-Day Guardian: A Dual Model Enabled Federated Learning Framework for Handling Zero-Day Attacks in 5G Enabled IIoT
Verma, Priyanka
Bharot, Nitesh
Breslin, John G.
O'Shea, Donna
Vidyarthi, Ankit
Gupta, Deepak
[J]. IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, 2024, 70 (01) : 3856 - 3866
[37] AEGIS: A proactive methodology to shield against zero-day exploits
Chandrasekaran, Madhusudhanan
Baig, Mukarram
Upadhyaya, Shambhu
[J]. 21ST INTERNATIONAL CONFERENCE ON ADVANCED NETWORKING AND APPLICATIONS WORKSHOPS/SYMPOSIA, VOL 2, PROCEEDINGS, 2007, : 564 - +
[38] Zero-day and zero-click attacks on digital banking: a comprehensive review of double trouble
Yasmeen, Kausar
Adnan, Muhammad
[J]. RISK MANAGEMENT-AN INTERNATIONAL JOURNAL, 2023, 25 (04):
[39] Zero-day and zero-click attacks on digital banking: a comprehensive review of double trouble
Kausar Yasmeen
Muhammad Adnan
[J]. Risk Management, 2023, 25
[40] RobCaps: Evaluating the Robustness of Capsule Networks against Affine Transformations and Adversarial Attacks
Marchisio, Alberto
De Marco, Antonio
Colucci, Alessio
Martina, Maurizio
Shafique, Muhammad
[J]. 2023 INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS, IJCNN, 2023,

← 1 2 3 4 5 →