Evaluating Network Security Based on Attack Graph

Abstract:

Attack graphs (AGs) are now widely applied in network security assessment. In an AG, each vertex carries a value representing the probability of an exploit, and each edge represents the relationship between exploits. In this paper we design an AG model and propose an approach that integrates the AG model with a Dynamic Bayesian Network (DBN). The approach not only strengthens the rationality of reasoning under uncertainty, but also provides a quantitative assessment of network security status. We evaluated the approach experimentally. The results showed that our model is rather accurate and that its performance is competitive.

Periodical: Advanced Materials Research (Volumes 756-759)

Pages: 2374-2378

Online since: September 2013

Copyright: © 2013 Trans Tech Publications Ltd. All Rights Reserved
