A Method Based on Global Attack Graph for Network Hardening

被引:0
|
作者
Man, Dapeng [1 ]
Yang, Wu [1 ]
Yang, Yongtian [1 ]
机构
[1] Harbin Engn Univ, Informat Secur Res Ctr, Harbin, Peoples R China
来源
2008 4TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-31 | 2008年
关键词
network security; security assessment; security strategy; global attack graph;
D O I
暂无
中图分类号
TN [电子技术、通信技术];
学科分类号
0809 ;
摘要
In order to improve the overall security of networks, a method of making strategies for network hardening based on global attack graphs is proposed. This method calculates the reachability of network states by using a global attack graph firstly, and then the security loss of network states and the criticality of security elements are got Security elements are removed based on the rule of maximum-criticality-first. The operability of security enhancement strategies made by this method is better than traditional methods.
引用
收藏
页码:4536 / 4539
页数:4
相关论文
共 50 条
  • [21] A Survey of Network Attack Investigation Based on Provenance Graph
    Qiu, Jing
    Chen, Rong-Rong
    Zhu, Hao-Jin
    Xiao, Yan-Jun
    Yin, Li-Hua
    Tian, Zhi-Hong
    Tien Tzu Hsueh Pao/Acta Electronica Sinica, 2024, 52 (07): : 2529 - 2556
  • [22] Network Security Risk Assessment Based on Attack Graph
    Xie, Lixia
    Zhang, Xiao
    Zhang, Jiyong
    JOURNAL OF COMPUTERS, 2013, 8 (09) : 2339 - 2347
  • [23] Heuristic Network Security Risk Based on Attack Graph
    Sun, Wei
    Li, Qianmu
    Wang, Pengchuan
    Hou, Jun
    CLOUD COMPUTING, CLOUDCOMP 2021, 2022, 430 : 181 - 194
  • [24] Network Attack Identification and Analysis Based on Graph Convolutional Neural Network
    Wang, Xingyu
    Wenkun
    Zhang, Yingdan
    2023 IEEE 22ND INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS, TRUSTCOM, BIGDATASE, CSE, EUC, ISCI 2023, 2024, : 1443 - 1448
  • [25] Optimal Security Hardening over a Probabilistic Attack Graph
    Buczkowski, Przemyslaw
    Malacaria, Pasquale
    Hankin, Chris
    Fielder, Andrew
    SAT-CPS'22: PROCEEDINGS OF THE 2022 ACM WORKSHOP ON SECURE AND TRUSTWORTHY CYBER-PHYSICAL SYSTEMS, 2022, : 21 - 30
  • [26] Research on Key Node Method of Network Attack Graph Based on Power Information Physical System
    Guan, Xiaojuan
    Ma, Yuanyuan
    Shao, Zhipeng
    Cao, Wantian
    PROCEEDINGS OF 2021 IEEE 11TH INTERNATIONAL CONFERENCE ON ELECTRONICS INFORMATION AND EMERGENCY COMMUNICATION (ICEIEC 2021), 2021, : 48 - 51
  • [27] A Generation Method of Attack Graph Based on Evolutionary Computation
    Wang, Jiajia
    PROCEEDINGS OF THE 2016 2ND INTERNATIONAL CONFERENCE ON ADVANCES IN ENERGY, ENVIRONMENT AND CHEMICAL ENGINEERING (AEECE 2016), 2016, 89 : 28 - 31
  • [28] Method of Cyber Attack Attribution Based on Graph Model
    Huang, Ke-Zhen
    Lian, Yi-Feng
    Feng, Deng-Guo
    Zhang, Hai-Xia
    Wu, Di
    Ma, Xiang-Liang
    Ruan Jian Xue Bao/Journal of Software, 2022, 33 (02): : 683 - 698
  • [29] An Attack Graph Generation Method Based on Parallel Computing
    Cao, Ningyuan
    Lv, Kun
    Hu, Changzhen
    SCIENCE OF CYBER SECURITY, SCISEC 2018, 2018, 11287 : 34 - 48
  • [30] Host security assessment method based on attack graph
    Yang, Hongyu
    Yuan, Haihang
    Zhang, Liang
    Tongxin Xuebao/Journal on Communications, 2022, 43 (02): : 89 - 99
12345