A Method Based on Global Attack Graph for Network Hardening

被引:0
|
作者
Man, Dapeng [1 ]
Yang, Wu [1 ]
Yang, Yongtian [1 ]
机构
[1] Harbin Engn Univ, Informat Secur Res Ctr, Harbin, Peoples R China
来源
2008 4TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-31 | 2008年
关键词
network security; security assessment; security strategy; global attack graph;
D O I
暂无
中图分类号
TN [电子技术、通信技术];
学科分类号
0809 ;
摘要
In order to improve the overall security of networks, a method of making strategies for network hardening based on global attack graphs is proposed. This method calculates the reachability of network states by using a global attack graph firstly, and then the security loss of network states and the criticality of security elements are got Security elements are removed based on the rule of maximum-criticality-first. The operability of security enhancement strategies made by this method is better than traditional methods.
引用
收藏
页码:4536 / 4539
页数:4
相关论文
共 50 条
  • [1] A Heuristic Method of Attack Graph Analysis for Network Security Hardening
    Zhao Chao
    Wang Huiqiang
    Guo Fangfang
    Zhou Mo
    Zhang Yushu
    2014 INTERNATIONAL CONFERENCE ON CYBER-ENABLED DISTRIBUTED COMPUTING AND KNOWLEDGE DISCOVERY (CYBERC), 2014, : 43 - 47
  • [2] Exploiting Domination in Attack Graph for Enterprise Network Hardening
    Bopche, Ghanshyam S.
    Mehtre, Babu M.
    SECURITY IN COMPUTING AND COMMUNICATIONS (SSCC 2015), 2015, 536 : 342 - 353
  • [3] A method for global attack graph generation
    Man, Dapeng
    Zhang, Bing
    Yang, Wu
    Jin, Wenjin
    Yang, Yongtian
    PROCEEDINGS OF 2008 IEEE INTERNATIONAL CONFERENCE ON NETWORKING, SENSING AND CONTROL, VOLS 1 AND 2, 2008, : 236 - +
  • [4] Optimal Network Security Hardening Using Attack Graph Games
    Durkota, Karel
    Lisy, Viliam
    Bosansky, Branislav
    Kiekintveld, Christopher
    PROCEEDINGS OF THE TWENTY-FOURTH INTERNATIONAL JOINT CONFERENCE ON ARTIFICIAL INTELLIGENCE (IJCAI), 2015, : 526 - 532
  • [5] A Generation Method of Network Security Hardening Strategy Based on Attack Graphs
    Zhao, Chao
    Wang, Huiqiang
    Lin, Junyu
    Lv, Hongwu
    Zhang, Yushu
    INTERNATIONAL JOURNAL OF WEB SERVICES RESEARCH, 2015, 12 (01) : 45 - 61
  • [6] A Quantitative Method for Evaluating Network Security Based on Attack Graph
    Zheng, Yukun
    Lv, Kun
    Hu, Changzhen
    NETWORK AND SYSTEM SECURITY, 2017, 10394 : 349 - 358
  • [7] A Distributed network risk assessment method based on attack graph
    Yang, Tian Chi
    Fang, Ming
    Shao, Qi Feng
    INDUSTRIAL INSTRUMENTATION AND CONTROL SYSTEMS, PTS 1-4, 2013, 241-244 : 2335 - 2342
  • [8] Research on network attack analysis method based on attack graph of absorbing Markov chain
    Kang H.
    Long M.
    Tongxin Xuebao/Journal on Communications, 2023, 44 (02): : 122 - 135
  • [9] A network attack path prediction method using attack graph
    Liu, Xuguang
    JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING, 2020,
  • [10] Computer network security evaluation method based on improved attack graph
    Li, Zhaocui
    Liu, Huichuan
    Wu, Chunyan
    Journal of Cyber Security Technology, 2022, 6 (04) : 201 - 215
12345