Network Security Risk Assessment Based on Attack Graph

被引:5
|
作者
Xie, Lixia [1 ]
Zhang, Xiao [1 ]
Zhang, Jiyong [2 ]
机构
[1] Civil Aviat Univ China, Coll Comp Sci & Technol, Tianjin 300300, Peoples R China
[2] Swiss Fed Inst Technol, Sch Comp & Commun Sci, CH-1015 Lausanne, Switzerland
来源
JOURNAL OF COMPUTERS | 2013年 / 8卷 / 09期
基金
中国国家自然科学基金;
关键词
network security; risk assessment; multi-agents attack graph;
D O I
10.4304/jcp.8.9.2339-2347
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
In order to protect the network and evaluate the network security risks automatically, a new multi-agents risk assessment model based on attack graph (MRAMBAG) is presented. First, a network risk assessment model with master-slave agents is established, especially the functional architecture of master-slave agents and the risk association relation analysis process are designed. Then, the attack path and the attack graph are constructed by using the Attract Graph Building algorithm with the input of the dynamic data information collected by components. Finally, risk indexes of attack path, components, hosts, vulnerabilities and association risk index of network nodes are calculated successively and consequently the security risk quantitative index of target networks are obtained. The experimental results demonstrate that the MRAMBAG is a more feasible and effective way for evaluate the network security risk.
引用
收藏
页码:2339 / 2347
页数:9
相关论文
共 50 条
  • [1] Network Security Risk Assessment System Based on Attack Graph and Markov Chain
    Sun, Fuxiong
    Pi, Juntao
    Lv, Jin
    Cao, Tian
    [J]. 2017 INTERNATIONAL CONFERENCE ON CLOUD TECHNOLOGY AND COMMUNICATION ENGINEERING (CTCE2017), 2017, 910
  • [2] Network Security Risk Assessment Method Based on HMM and Attack Graph Model
    Liu Si-chao
    Liu Yuan
    [J]. 2016 17TH IEEE/ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING (SNPD), 2016, : 517 - 522
  • [3] Heuristic Network Security Risk Based on Attack Graph
    Sun, Wei
    Li, Qianmu
    Wang, Pengchuan
    Hou, Jun
    [J]. CLOUD COMPUTING, CLOUDCOMP 2021, 2022, 430 : 181 - 194
  • [4] An approach to evaluate network security risk based on attack graph
    Hu, Xiaoyun
    Yu, Yang
    Xia, Chunhe
    [J]. PROCEEDINGS OF THE 2016 4TH INTERNATIONAL CONFERENCE ON ELECTRICAL & ELECTRONICS ENGINEERING AND COMPUTER SCIENCE (ICEEECS 2016), 2016, 50 : 1235 - 1238
  • [5] Evaluation of Network Risk Using Attack Graph Based Security Metrics
    Kumar, Santosh
    Negi, Anuradha
    Prasad, Keshav
    Mahanti, Aniket
    [J]. 2016 IEEE 14TH INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, 14TH INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, 2ND INTL CONF ON BIG DATA INTELLIGENCE AND COMPUTING AND CYBER SCIENCE AND TECHNOLOGY CONGRESS (DASC/PICOM/DATACOM/CYBERSC, 2016, : 91 - 93
  • [6] A Distributed network risk assessment method based on attack graph
    Yang, Tian Chi
    Fang, Ming
    Shao, Qi Feng
    [J]. INDUSTRIAL INSTRUMENTATION AND CONTROL SYSTEMS, PTS 1-4, 2013, 241-244 : 2335 - 2342
  • [7] Multiobjective network security dynamic assessment method based on Bayesian network attack graph
    Xie, Jialiang
    Zhang, Shanli
    Wang, Honghui
    Chen, Mingzhi
    [J]. INTERNATIONAL JOURNAL OF INTELLIGENT COMPUTING AND CYBERNETICS, 2024, 17 (01) : 38 - 60
  • [8] Attack graph based evaluation of network security
    Kotenko, Igor
    Stepashkin, Mikhail
    [J]. COMMUNICATIONS AND MULTIMEDIA SECURITY, PROCEEDINGS, 2006, 4237 : 216 - 227
  • [9] Exploring risk flow attack graph for security risk assessment
    Dai, Fangfang
    Hu, Ying
    Zheng, Kangfeng
    Wu, Bin
    [J]. IET INFORMATION SECURITY, 2015, 9 (06) : 344 - 353
  • [10] A Logic-based Attack Graph for Analyzing Network Security Risk Against Potential Attack
    Yi, Feng
    Cai, Huang Yi
    Xin, Fu Zheng
    [J]. 2018 IEEE INTERNATIONAL CONFERENCE ON NETWORKING, ARCHITECTURE AND STORAGE (NAS), 2018,
12345