{"title":"基于攻击图的动态环境下漏洞影响评估方法","authors":"Antoine Boudermine, R. Khatoun, Jean-Henri Choyer","doi":"10.1109/ciot53061.2022.9766588","DOIUrl":null,"url":null,"abstract":"Nowadays, networks are exposed to a set of risks and threats that can potentially cause damage and losses for companies. The security of networks must be assessed in order to measure the effectiveness of the protective measures that have been implemented. However, the impact of the dynamic behavior of these systems on the attacker's strategy is rarely considered. In this paper, we propose an attack graph-based solution that consider the evolution of system properties such as network topology changes, vulnerability discovery and patching, as well as attack detection and wiping of some system components. The topology of the attack graph evolves over time considering the evolution of the system state. Several simulations of the attacker infiltration in the system are performed by following the attack paths present in the attack graph in order to assess the security of the system. The proposed solution has been tested on a use case where a user is in remote work. By considering the changes in the network topology, new attack paths can be identified.","PeriodicalId":180813,"journal":{"name":"2022 5th Conference on Cloud and Internet of Things (CIoT)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Attack Graph-based Solution for Vulnerabilities Impact Assessment in Dynamic Environment\",\"authors\":\"Antoine Boudermine, R. Khatoun, Jean-Henri Choyer\",\"doi\":\"10.1109/ciot53061.2022.9766588\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Nowadays, networks are exposed to a set of risks and threats that can potentially cause damage and losses for companies. The security of networks must be assessed in order to measure the effectiveness of the protective measures that have been implemented. However, the impact of the dynamic behavior of these systems on the attacker's strategy is rarely considered. In this paper, we propose an attack graph-based solution that consider the evolution of system properties such as network topology changes, vulnerability discovery and patching, as well as attack detection and wiping of some system components. The topology of the attack graph evolves over time considering the evolution of the system state. Several simulations of the attacker infiltration in the system are performed by following the attack paths present in the attack graph in order to assess the security of the system. The proposed solution has been tested on a use case where a user is in remote work. By considering the changes in the network topology, new attack paths can be identified.\",\"PeriodicalId\":180813,\"journal\":{\"name\":\"2022 5th Conference on Cloud and Internet of Things (CIoT)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-03-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 5th Conference on Cloud and Internet of Things (CIoT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ciot53061.2022.9766588\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 5th Conference on Cloud and Internet of Things (CIoT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ciot53061.2022.9766588","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Attack Graph-based Solution for Vulnerabilities Impact Assessment in Dynamic Environment
Nowadays, networks are exposed to a set of risks and threats that can potentially cause damage and losses for companies. The security of networks must be assessed in order to measure the effectiveness of the protective measures that have been implemented. However, the impact of the dynamic behavior of these systems on the attacker's strategy is rarely considered. In this paper, we propose an attack graph-based solution that consider the evolution of system properties such as network topology changes, vulnerability discovery and patching, as well as attack detection and wiping of some system components. The topology of the attack graph evolves over time considering the evolution of the system state. Several simulations of the attacker infiltration in the system are performed by following the attack paths present in the attack graph in order to assess the security of the system. The proposed solution has been tested on a use case where a user is in remote work. By considering the changes in the network topology, new attack paths can be identified.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
