{"title":"基于访问图的网络信息系统风险分析","authors":"Xiaochun Xiao, Tiange Zhang, Gendu Zhang","doi":"10.1109/SECTECH.2008.18","DOIUrl":null,"url":null,"abstract":"Currently, the risk analysis for network Information system has experienced a stage from rule-based questionnaire investigation to model-based assessment. Many graph-based models have been proposed and applied to risk analysis. Attack Graph is widely used one. But attack graphs grow exponentially with the size of the network. In this paper, we propose a comprehensive framework for network vulnerabilities modeling and risk analysis based on the access graph. As a complement to the attack graph approach, the access graph is host-centric approach, which grows polynomially with the number of hosts and so has the benefit of being computationally feasible on large networks. Compared with related works, our approach improves in both performance and computational cost.","PeriodicalId":377461,"journal":{"name":"2008 International Conference on Security Technology","volume":"56 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Extended Abstract: Access Graph Based Risk Analysis for Network Information System\",\"authors\":\"Xiaochun Xiao, Tiange Zhang, Gendu Zhang\",\"doi\":\"10.1109/SECTECH.2008.18\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Currently, the risk analysis for network Information system has experienced a stage from rule-based questionnaire investigation to model-based assessment. Many graph-based models have been proposed and applied to risk analysis. Attack Graph is widely used one. But attack graphs grow exponentially with the size of the network. In this paper, we propose a comprehensive framework for network vulnerabilities modeling and risk analysis based on the access graph. As a complement to the attack graph approach, the access graph is host-centric approach, which grows polynomially with the number of hosts and so has the benefit of being computationally feasible on large networks. Compared with related works, our approach improves in both performance and computational cost.\",\"PeriodicalId\":377461,\"journal\":{\"name\":\"2008 International Conference on Security Technology\",\"volume\":\"56 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-12-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 International Conference on Security Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SECTECH.2008.18\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 International Conference on Security Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECTECH.2008.18","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Extended Abstract: Access Graph Based Risk Analysis for Network Information System
Currently, the risk analysis for network Information system has experienced a stage from rule-based questionnaire investigation to model-based assessment. Many graph-based models have been proposed and applied to risk analysis. Attack Graph is widely used one. But attack graphs grow exponentially with the size of the network. In this paper, we propose a comprehensive framework for network vulnerabilities modeling and risk analysis based on the access graph. As a complement to the attack graph approach, the access graph is host-centric approach, which grows polynomially with the number of hosts and so has the benefit of being computationally feasible on large networks. Compared with related works, our approach improves in both performance and computational cost.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
