Network security risk analysis using attacker's behavioral parameters

Abstract

Computer networks consist of several assets such as hardware, software, and data sources. These assets have often some vulnerabilities which can be exploited by attackers that violate security policies in the network. Considering the limited budget, the network administrator should analyze and prioritize these vulnerabilities to be able to efficiently protect a network by mitigating the most risky ones. So far, several security parameters are offered to analyze security risks from the network security administrator's perspective. The major drawback of these methods is that they do not consider attacker's motivation. Depending on the motivation of potential attackers, different attack path may be selected for network security compromise. So, attacker's motivation is a key factor in predicting the attacker's behavior. In this paper, the attacker's motivation is considered in the process of security risk analysis, so network administrators are able to analyze security risks more accurately. The proposed method is applied on a network and the results are compared with novel works in this area. The experimental results show that network administrator will be able to precisely predict the behavior of attackers and apply countermeasures more efficiently.