For Libraries For Publication Open Access Downloads About Us Contact Us
Paper Titles
Design and Application of DECT Voice Gateway System Based on Mobile Network
p.2316
Study on Acoustic Communication Methods in Periodic Tube Structure
p.2323
A Metropolis Criterion Based Fuzzy Q-Learning Flow Controller for High-Speed Networks
p.2327
Data Desynchronization Attacks on Two Lightweight Security Protocols for the RFID System
p.2331
A Distributed Network Risk Assessment Method Based on Attack Graph
p.2335
A Traffic-Flow-Phase Adaptive Routing Algorithm for VANETs
p.2343
The Research and Design of Instrument Management System Based on Wireless HART Technology
p.2350
A Real Time Video Transmission Routing Protocol in Multi-Interface Multi-Channel Ad Hoc Based on Queue Length and Delay Contraint
p.2354
Application of Modbus Communication Technology in Steam Injection Control System of Thermal Recovery Station
p.2362

A Distributed Network Risk Assessment Method Based on Attack Graph

Article Preview

Abstract:

Evaluating risk effectively selecting effective defence measures and defending information threats actively are the key points of resolving security problems of information system.Based on the actual requirements and status of risk assessment of information security,we integrate attack graph to apply it in studying risk assessment of information security.Firstly,focused on the uncertainty and complexity of risk assessment of information security,we integrate the technology of vulnerabilities associated with to apply it in studying risk assessment.On the other hand,since the attack path described by attack graph model is suited for the quantity data processing,and poor to the qualitative analyze,and risk is uncertain,the risk factors are quantized by the probability of attack path forming proposed in this dissertation so that the probability of atom attack are pre-treated,a risk assessment method based on attack graph model is proposed.The method Take full advantage of computing power of each host in the network, greatly shorten the attack graph generation time.

You might also be interested in these eBooks
Industrial Instrumentation and Control Systems View Preview

Info:

Periodical:

Applied Mechanics and Materials (Volumes 241-244)

Pages:

2335-2342

DOI:

https://doi.org/10.4028/www.scientific.net/AMM.241-244.2335

Citation:

Cite this paper

Online since:

December 2012

Authors:

Tian Chi Yang, Ming Fang, Qi Feng Shao

Keywords:

Attack Graph, Network Security Risk Assessment, Security Risk Probability

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

© 2013 Trans Tech Publications Ltd. All Rights Reserved

Share:

Citation:

References

[1] G Helmer, J Wong, M Slagell, et al. A Software Fault Tree Approach to Requirements Analysis of an Intrusion Detection System Requirements Engineering Journal,2002,7(4):207-220p

DOI: 10.1007/s007660200016

Google Scholar

[2] B Schneier.Attack Trees.Dr.Dobbss Journal,1999,24(12):21-29p

Google Scholar

[3] K Clark, J Dawkins, J Hale.Security Risk Metrics:Fusing Enterprise Objectives and Vulnerabilities.proc 2005 Systems,Man and Cybermetics (SMC) Information Assurance Workshop,IEEE press,2005,388-393p

DOI: 10.1109/iaw.2005.1495978

Google Scholar

[4] K Edge,R Raines,R Bennington,et al.The Use of Attack and protection Trees to Analyze Security for an Online Banking System.proc the 40th Annual Hawaii International Conference on System Sciences (HICSS'07),Hawaii,USA,IEEE press,(2007)

DOI: 10.1109/hicss.2007.558

Google Scholar

[5] S Bistarelli,F Fioravanti,P Peretti.Defence Trees for Economic Evaluation of Security Investments.proc the First International Conference on Availability and Security (ARES'06), Vienna,IEEE press,2006.416-423p

DOI: 10.1109/ares.2006.46

Google Scholar

[6] S Bistarelli, F Fioravanti, P Peretti.Using CP-nets as a Guide for Countermeasure Selection. Proc the 2007ACM symposium on Applied computing,Seoul,Korea,ACM press,2007.300-304p

DOI: 10.1145/1244002.1244073

Google Scholar

[7] C RamaKrishnan, R Sekar. Model-based Vulnerability Analysis of Computer Systems. proc the 2nd International Workshop on Verification, Model Checking and AbstracInterpretation,NY, USA,(1998)

Google Scholar

[8] L P Swiler,C phillips,D Ellis,et al.Computer Attack Graph Generation Tool. Proc 2001 DARPA Information Survivability Conference and Exposition,CA,USA,IEEE press,2001.307-321p

DOI: 10.1109/discex.2001.932182

Google Scholar

© 2025 Trans Tech Publications Ltd. All rights are reserved, including those for text and data mining, AI training, and similar technologies. For open access content, terms of the Creative Commons licensing CC-BY are applied.
Scientific.Net is a registered trademark of Trans Tech Publications Ltd.