A Method Based on Global Attack Graph for Network Hardening

被引:0
|
作者
Man, Dapeng [1 ]
Yang, Wu [1 ]
Yang, Yongtian [1 ]
机构
[1] Harbin Engn Univ, Informat Secur Res Ctr, Harbin, Peoples R China
来源
2008 4TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-31 | 2008年
关键词
network security; security assessment; security strategy; global attack graph;
D O I
暂无
中图分类号
TN [电子技术、通信技术];
学科分类号
0809 ;
摘要
In order to improve the overall security of networks, a method of making strategies for network hardening based on global attack graphs is proposed. This method calculates the reachability of network states by using a global attack graph firstly, and then the security loss of network states and the criticality of security elements are got Security elements are removed based on the rule of maximum-criticality-first. The operability of security enhancement strategies made by this method is better than traditional methods.
引用
收藏
页码:4536 / 4539
页数:4
相关论文
共 50 条
  • [31] An approach to evaluate network security risk based on attack graph
    Hu, Xiaoyun
    Yu, Yang
    Xia, Chunhe
    [J]. PROCEEDINGS OF THE 2016 4TH INTERNATIONAL CONFERENCE ON ELECTRICAL & ELECTRONICS ENGINEERING AND COMPUTER SCIENCE (ICEEECS 2016), 2016, 50 : 1235 - 1238
  • [32] Study of network security evaluation based on attack graph model
    Electronic Engineering Institute, Hefei 230037, China
    不详
    [J]. Tongxin Xuebao, 2007, 3 (29-34):
  • [33] Complex Network Security Analysis based on Attack Graph Model
    Liu, Zhiming
    Li, Sheng
    He, Jin
    Xie, Di
    Deng, Zhantao
    [J]. PROCEEDINGS OF THE 2012 SECOND INTERNATIONAL CONFERENCE ON INSTRUMENTATION & MEASUREMENT, COMPUTER, COMMUNICATION AND CONTROL (IMCCC 2012), 2012, : 183 - 186
  • [34] State Grid Network Attack-defense Graph Generation Method
    Zhou, Cheng
    Fei, Jia-xuan
    [J]. COMPUTER SCIENCE AND TECHNOLOGY (CST2016), 2017, : 389 - 398
  • [35] Differential Attack Graph-Based Approach for Assessing Change in the Network Attack Surface
    Bopche, Ghanshyam S.
    Rai, Gopal N.
    Reddy, B. Ramchandra
    Mehtre, B. M.
    [J]. INFORMATION SYSTEMS SECURITY (ICISS 2019), 2019, 11952 : 324 - 344
  • [36] USAGE : Uncertain flow graph and spatio-temporal graph convolutional network-based saturation attack detection method
    Wang, Kaixi
    Cui, Yunhe
    Qian, Qing
    Chen, Yi
    Guo, Chun
    Shen, Guowei
    [J]. JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2023, 219
  • [37] The Construction and Application of Network Attack Graph
    Wang Yonggang
    Miao Yi
    Yang Yang
    Chen Zhong
    Hu Jianbin
    [J]. CHINA COMMUNICATIONS, 2009, 6 (04) : 71 - 74
  • [38] A Review on Network Attack Graph Technology
    Yuan, Bin-tao
    Pan, Zu-lie
    Shi, Fan
    [J]. 2018 INTERNATIONAL CONFERENCE ON ELECTRICAL, CONTROL, AUTOMATION AND ROBOTICS (ECAR 2018), 2018, 307 : 239 - 245
  • [39] Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph
    Wang, Wenjuan
    Du, Xuehui
    Shan, Dibin
    [J]. Tongxin Xuebao/Journal on Communications, 2021, 42 (01): : 1 - 17
  • [40] A Protocol Vulnerability Analysis Method Based on Logical Attack Graph
    Zhang, Chunrui
    Wang, Shen
    Zhan, Dechen
    [J]. ADVANCES IN INTELLIGENT INFORMATION HIDING AND MULTIMEDIA SIGNAL PROCESSING, PT II, 2018, 82 : 309 - 317
12345