Propose Vulnerability Metrics to Measure Network Secure using Attack Graph

被引：0

作者：

Al-Araji, Zaid J. ^{[1
]}

Ahmad, Sharifah Sakinah Syed ^{[1
]}

Abdullah, Raihana Syahirah ^{[1
]}

机构：

[1] Univ Tekn Malaysia, Fac Informat Commun Technol, Melaka, Malaysia

来源：

INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS | 2021年 / 12卷 / 05期

关键词：

Attack graph; security metrics; attack path; path analysis; attack graph uses;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

With the increase in using computer networking, the security risk has also increased. To protect the network from attacks, attack graph has been used to analyze the vulnerabilies of the network. However, properly securing networks requires quantifying the level of security offered by these actions, as you cannot enhance what you cannot measure. Security metrics provide a qualitative and quantitative representation of a system's or network's security level. However, using existing security metrics can lead to misleading results. This work proposed three metrics, which is the Number of Vulnerabilities (NV), Mean Vulnerabilities on Path (MVoP), and the Weakest Path (WP). The experiment of this work used two networks to test the metrics. The results show the effect of these metrics on finding the weaknesses of the network that the attacker may use.

引用

页码：51 / 58

页数：8

共 50 条

[1] Propose Vulnerability Metrics to Measure Network Secure using Attack Graph
Al-Araji, Zaid. J.
Ahmad, Sharifah Sakinah Syed
Abdullah, Raihana Syahirah
[J]. International Journal of Advanced Computer Science and Applications, 2021, 12 (05): : 51 - 58
[2] Evaluation of Network Risk Using Attack Graph Based Security Metrics
Kumar, Santosh
Negi, Anuradha
Prasad, Keshav
Mahanti, Aniket
[J]. 2016 IEEE 14TH INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, 14TH INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, 2ND INTL CONF ON BIG DATA INTELLIGENCE AND COMPUTING AND CYBER SCIENCE AND TECHNOLOGY CONGRESS (DASC/PICOM/DATACOM/CYBERSC, 2016, : 91 - 93
[3] Network Vulnerability Assessment based on Attack Graph
Wang Huan
Zhao Jianping
Liu Dan
Li Bo
[J]. 2017 INTERNATIONAL CONFERENCE ON COMPUTER SYSTEMS, ELECTRONICS AND CONTROL (ICCSEC), 2017, : 542 - 545
[4] An Intelligent Model for Vulnerability Analysis Using Attack Graph
Wang Yi
Xiao Jinghua
[J]. 2009 INTERNATIONAL FORUM ON INFORMATION TECHNOLOGY AND APPLICATIONS, VOL 3, PROCEEDINGS, 2009, : 526 - 529
[5] Aggregating vulnerability metrics in enterprise networks using attack graphs
Homer, John
Zhang, Su
Ou, Xinming
Schmidt, David
Du, Yanhui
Rajagopalan, S.
Singhal, Anoop
[J]. JOURNAL OF COMPUTER SECURITY, 2013, 21 (04) : 561 - 597
[6] Analysis of Attack Graph-based Metrics for Quantification of Network Security
Kundu, Arkadeep
Ghosh, Nirnay
Chokshi, Ishan
Ghosh, Soumya K.
[J]. 2012 ANNUAL IEEE INDIA CONFERENCE (INDICON), 2012, : 530 - 535
[7] AGQL: A Query Language for Attack Graph based Network Vulnerability Analysis
Barik, Mridul Sankar
[J]. PROCEEDINGS OF 2018 FIFTH INTERNATIONAL CONFERENCE ON EMERGING APPLICATIONS OF INFORMATION TECHNOLOGY (EAIT), 2018,
[8] NETWORK ATTACK PATH PREDICTION BASED ON VULNERABILITY DATA AND KNOWLEDGE GRAPH
Wang, Yifan
Sun, Zhi
Han, Ye
[J]. INTERNATIONAL JOURNAL OF INNOVATIVE COMPUTING INFORMATION AND CONTROL, 2021, 17 (05): : 1717 - 1730
[9] IoT System Vulnerability Analysis and Network Hardening with Shortest Attack Trace in aWeighted Attack Graph
Wan, Yinxin
Lin, Xuanli
Sabur, Abdulhakim
Chang, Alena
Xu, Kuai
Xue, Guoliang
[J]. PROCEEDINGS 8TH ACM/IEEE CONFERENCE ON INTERNET OF THINGS DESIGN AND IMPLEMENTATION, IOTDI 2023, 2023, : 315 - 326
[10] A network attack path prediction method using attack graph
Liu, Xuguang
[J]. JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING, 2020,

← 1 2 3 4 5 →