Real-Time Risk Assessment of Network Security Based on Attack Graphs

被引：0

作者：

Yin, Xiaochuan ^{[1
]}

Fang, Yan ^{[1
]}

Liu, Yibo ^{[1
]}

机构：

[1] Air Force Engn Univ, Informat & Nav Coll, Xian 710077, Peoples R China

来源：

PROCEEDINGS OF 2013 INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND COMPUTER APPLICATIONS (ICSA 2013) | 2013年 / 92卷

关键词：

real-time risk; security situation; attack graphs; Bayesian theory; attack evidence;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Facing hackers' intelligent attacks and multi-source information from various security equipments, evaluating real-time risk of the network becomes more and more complicated to handle. This paper proposes a new attack graphs model(NAG)-based analysis method in order to assess the impact on the network system made by multiple vulnerabilities. Aiming at simplify the attack graphs, we combined attack graphs with Bayesian theory and put forward an optimized algorithm to remove the cycles in attack graphs. By importing Common Vulnerability Scoring System (CVSS) and attack evidence, the assessment method in this paper can dynamically evaluate the partial or entire network security. Experimental results show that the method can reflect the changing situation of the network security.

引用

页码：75 / 80

页数：6

共 50 条

[21] Network Security Risk Assessment Method Based on HMM and Attack Graph Model
Liu Si-chao
Liu Yuan
[J]. 2016 17TH IEEE/ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING (SNPD), 2016, : 517 - 522
[22] Real-time correlation of network security alerts
Li, Zhitang
Zhang, Aifang
Lei, Jie
Wang, Li
[J]. ICEBE 2007: IEEE INTERNATIONAL CONFERENCE ON E-BUSINESS ENGINEERING, PROCEEDINGS, 2007, : 73 - +
[23] The system security enhancement with real-time attack detection and analysis
Zhu, S
[J]. 2001 INTERNATIONAL CONFERENCES ON INFO-TECH AND INFO-NET PROCEEDINGS, CONFERENCE A-G: INFO-TECH & INFO-NET: A KEY TO BETTER LIFE, 2001, : E66 - E71
[24] Real-time Network Attack Intention Recognition Algorithm
Hui, Qiu
Kun, Wang
[J]. INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2016, 10 (04): : 51 - 61
[25] Real-time Network Security Situation Visualization and Threat Assessment Based on Semi-Markov Process
Chen Junhua
[J]. FIFTH INTERNATIONAL CONFERENCE ON MACHINE VISION (ICMV 2012): ALGORITHMS, PATTERN RECOGNITION AND BASIC TECHNOLOGIES, 2013, 8784
[26] Real-time risk assessment with network sensors and intrusion detection systems
Årnes, A
Sallhammar, K
Haslum, K
Brekne, T
Moe, MEG
Knapskog, SJ
[J]. COMPUTATIONAL INTELLIGENCE AND SECURITY, PT 2, PROCEEDINGS, 2005, 3802 : 388 - 397
[27] Knowledge-Based Framework for Real-Time Risk Assessment of Information Security Inspired by Danger Model
Hu, Zhi-Hua
Ding, Yong-Sheng
Huang, Jing-Wen
[J]. 2008 INTERNATIONAL SYMPOSIUM ON INTELLIGENT INFORMATION TECHNOLOGY APPLICATION WORKSHOP: IITA 2008 WORKSHOPS, PROCEEDINGS, 2008, : 1053 - +
[28] Real-time risk assessment on equipment failure outage of distribution network
Zhao, Huiru
Li, Nana
Guo, Sen
Li, Tianyou
Zhang, Gonglin
[J]. Dianli Zidonghua Shebei/Electric Power Automation Equipment, 2014, 34 (11): : 89 - 94
[29] Docker Security: A Threat Model, Attack Taxonomy and Real-Time Attack Scenario of DoS
Tomar, Apama
Jeena, Diksha
Mishra, Preeti
Bisht, Rahul
[J]. PROCEEDINGS OF THE CONFLUENCE 2020: 10TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING, DATA SCIENCE & ENGINEERING, 2020, : 150 - 155
[30] Quantitative evaluation approach for real-time risk based on attack event correlating
[J]. Ge, H.-H. (haiyiyanglan@126.com), 1600, Science Press (35):

← 1 2 3 4 5 →