贝叶斯攻击图分析中局部概率的精确估计

2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON) Pub Date : 2021-10-27 DOI:10.1109/iemcon53756.2021.9623254

Arnab Paul Joy, Mosarrat Jahan, U. Kabir, S. Mahato

{"title":"贝叶斯攻击图分析中局部概率的精确估计","authors":"Arnab Paul Joy, Mosarrat Jahan, U. Kabir, S. Mahato","doi":"10.1109/iemcon53756.2021.9623254","DOIUrl":null,"url":null,"abstract":"A Bayesian Attack Graph (BAG) is an essential model for red teams in cyber security to detect the most vulnerable components of a system. It is a probabilistic graphical model in which each node is initially assigned a probability value called local probability. For realistic and better analysis of BAGs, it is essential to evaluate local probabilities precisely. For that purpose, in this paper, we use the Common Vulnerability Scoring System (CVSS) to estimate temporal and environmental scores. We further consider various factors reflecting attackers' characteristics in BAG analysis. In this respect, we inaugurated a new environmental variable named “host type” that influences an attacker's motivation and abolishes the need for earlier network architecture knowledge to determine the factor values.","PeriodicalId":272590,"journal":{"name":"2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Precise Estimation of Local Probabilities for Bayesian Attack Graph Analysis\",\"authors\":\"Arnab Paul Joy, Mosarrat Jahan, U. Kabir, S. Mahato\",\"doi\":\"10.1109/iemcon53756.2021.9623254\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A Bayesian Attack Graph (BAG) is an essential model for red teams in cyber security to detect the most vulnerable components of a system. It is a probabilistic graphical model in which each node is initially assigned a probability value called local probability. For realistic and better analysis of BAGs, it is essential to evaluate local probabilities precisely. For that purpose, in this paper, we use the Common Vulnerability Scoring System (CVSS) to estimate temporal and environmental scores. We further consider various factors reflecting attackers' characteristics in BAG analysis. In this respect, we inaugurated a new environmental variable named “host type” that influences an attacker's motivation and abolishes the need for earlier network architecture knowledge to determine the factor values.\",\"PeriodicalId\":272590,\"journal\":{\"name\":\"2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)\",\"volume\":\"55 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-10-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/iemcon53756.2021.9623254\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/iemcon53756.2021.9623254","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

贝叶斯攻击图(BAG)是网络安全红队检测系统中最脆弱组件的基本模型。它是一种概率图形模型，其中每个节点最初被分配一个称为局部概率的概率值。为了更真实和更好地分析bag，精确地评估局部概率是至关重要的。为此，在本文中，我们使用通用漏洞评分系统(CVSS)来估计时间和环境分数。在BAG分析中，我们进一步考虑了反映攻击者特征的各种因素。在这方面，我们启用了一个名为“主机类型”的新环境变量，它影响攻击者的动机，并消除了对早期网络体系结构知识来确定因素值的需要。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Precise Estimation of Local Probabilities for Bayesian Attack Graph Analysis

A Bayesian Attack Graph (BAG) is an essential model for red teams in cyber security to detect the most vulnerable components of a system. It is a probabilistic graphical model in which each node is initially assigned a probability value called local probability. For realistic and better analysis of BAGs, it is essential to evaluate local probabilities precisely. For that purpose, in this paper, we use the Common Vulnerability Scoring System (CVSS) to estimate temporal and environmental scores. We further consider various factors reflecting attackers' characteristics in BAG analysis. In this respect, we inaugurated a new environmental variable named “host type” that influences an attacker's motivation and abolishes the need for earlier network architecture knowledge to determine the factor values.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)

自引率

0.00%

发文量