{"title":"基于中心性度量的分层攻击表示模型的可扩展安全性分析","authors":"Jin B. Hong, Dong Seong Kim","doi":"10.1109/DSNW.2013.6615507","DOIUrl":null,"url":null,"abstract":"Network security can be analysed using attack representation models (ARMs) (e.g., Attack Graphs (AGs) and Attack Trees (ATs)). One can analyse the network security by computing all possible attack scenarios, but it suffers from a scalability problem. We propose centrality based network security analysis by ranking important hosts based on network centrality measures, and vulnerabilities based on security metric values. We used two-layer hierarchical attack representation model to evaluate the network security, by taking into account importance of hosts and vulnerabilities in the upper and the lower layers, respectively. We define a new centrality measure based on the location of an attacker and a target. We simulate security analysis using centrality measures comparing with an exhaustive search method. Further, we investigate the performance when the location of the attacker is different in the network.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"20","resultStr":"{\"title\":\"Scalable security analysis in hierarchical attack representation model using centrality measures\",\"authors\":\"Jin B. Hong, Dong Seong Kim\",\"doi\":\"10.1109/DSNW.2013.6615507\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Network security can be analysed using attack representation models (ARMs) (e.g., Attack Graphs (AGs) and Attack Trees (ATs)). One can analyse the network security by computing all possible attack scenarios, but it suffers from a scalability problem. We propose centrality based network security analysis by ranking important hosts based on network centrality measures, and vulnerabilities based on security metric values. We used two-layer hierarchical attack representation model to evaluate the network security, by taking into account importance of hosts and vulnerabilities in the upper and the lower layers, respectively. We define a new centrality measure based on the location of an attacker and a target. We simulate security analysis using centrality measures comparing with an exhaustive search method. Further, we investigate the performance when the location of the attacker is different in the network.\",\"PeriodicalId\":377784,\"journal\":{\"name\":\"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-06-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"20\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSNW.2013.6615507\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSNW.2013.6615507","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Scalable security analysis in hierarchical attack representation model using centrality measures
Network security can be analysed using attack representation models (ARMs) (e.g., Attack Graphs (AGs) and Attack Trees (ATs)). One can analyse the network security by computing all possible attack scenarios, but it suffers from a scalability problem. We propose centrality based network security analysis by ranking important hosts based on network centrality measures, and vulnerabilities based on security metric values. We used two-layer hierarchical attack representation model to evaluate the network security, by taking into account importance of hosts and vulnerabilities in the upper and the lower layers, respectively. We define a new centrality measure based on the location of an attacker and a target. We simulate security analysis using centrality measures comparing with an exhaustive search method. Further, we investigate the performance when the location of the attacker is different in the network.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
