基于攻击图的物联网设备漏洞关联评估

IF 1.9 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Distributed Sensor Networks Pub Date : 2022-05-01 DOI:10.1177/15501329221097817

Yao Ma, Yuting Wu, Dan Yu, Lv Ding, Yongle Chen

{"title":"基于攻击图的物联网设备漏洞关联评估","authors":"Yao Ma, Yuting Wu, Dan Yu, Lv Ding, Yongle Chen","doi":"10.1177/15501329221097817","DOIUrl":null,"url":null,"abstract":"Device vulnerabilities emerge one after another in the Internet of thing environment, the attackers attack vulnerabilities on several low-level devices simultaneously by multi-step attack method to trigger the vulnerabilities on other high-level devices to damage or control the information system. Considering the correlation between device vulnerabilities, we proposed a method based on attack graph to evaluate vulnerability risk in order to ensure Internet of thing network security. First, according to the type, version, and other relevant information of device vulnerabilities in the Internet of thing environment, hidden Markov model can be used to model the association between device states. Second, analyze the possible attacks on the vulnerabilities on the device, and generate the attack graph according to the correlation between the device states and the relevant information of the vulnerabilities in the device. Finally, the vulnerabilities are objectively and accurately evaluated according to the attack graph. The experiments results show that the proposed method can map the relationship between devices more accurately and objectively and improve the efficiency and accuracy of the vulnerability evaluation.","PeriodicalId":50327,"journal":{"name":"International Journal of Distributed Sensor Networks","volume":" ","pages":""},"PeriodicalIF":1.9000,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Vulnerability association evaluation of Internet of thing devices based on attack graph\",\"authors\":\"Yao Ma, Yuting Wu, Dan Yu, Lv Ding, Yongle Chen\",\"doi\":\"10.1177/15501329221097817\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Device vulnerabilities emerge one after another in the Internet of thing environment, the attackers attack vulnerabilities on several low-level devices simultaneously by multi-step attack method to trigger the vulnerabilities on other high-level devices to damage or control the information system. Considering the correlation between device vulnerabilities, we proposed a method based on attack graph to evaluate vulnerability risk in order to ensure Internet of thing network security. First, according to the type, version, and other relevant information of device vulnerabilities in the Internet of thing environment, hidden Markov model can be used to model the association between device states. Second, analyze the possible attacks on the vulnerabilities on the device, and generate the attack graph according to the correlation between the device states and the relevant information of the vulnerabilities in the device. Finally, the vulnerabilities are objectively and accurately evaluated according to the attack graph. The experiments results show that the proposed method can map the relationship between devices more accurately and objectively and improve the efficiency and accuracy of the vulnerability evaluation.\",\"PeriodicalId\":50327,\"journal\":{\"name\":\"International Journal of Distributed Sensor Networks\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":1.9000,\"publicationDate\":\"2022-05-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Distributed Sensor Networks\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1177/15501329221097817\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Distributed Sensor Networks","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1177/15501329221097817","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 4

摘要

在物联网环境中，设备漏洞层出不穷，攻击者通过多步攻击的方式，同时攻击多个底层设备上的漏洞，触发其他高层设备上的弱点，破坏或控制信息系统。考虑到设备漏洞之间的相关性，我们提出了一种基于攻击图的漏洞风险评估方法，以确保物联网网络的安全。首先，根据物联网环境中设备漏洞的类型、版本等相关信息，可以使用隐马尔可夫模型对设备状态之间的关联进行建模。其次，分析设备上的漏洞可能受到的攻击，并根据设备状态与设备中漏洞的相关信息之间的相关性生成攻击图。最后，根据攻击图对漏洞进行了客观、准确的评估。实验结果表明，该方法能够更准确、客观地映射设备之间的关系，提高了漏洞评估的效率和准确性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Vulnerability association evaluation of Internet of thing devices based on attack graph

Device vulnerabilities emerge one after another in the Internet of thing environment, the attackers attack vulnerabilities on several low-level devices simultaneously by multi-step attack method to trigger the vulnerabilities on other high-level devices to damage or control the information system. Considering the correlation between device vulnerabilities, we proposed a method based on attack graph to evaluate vulnerability risk in order to ensure Internet of thing network security. First, according to the type, version, and other relevant information of device vulnerabilities in the Internet of thing environment, hidden Markov model can be used to model the association between device states. Second, analyze the possible attacks on the vulnerabilities on the device, and generate the attack graph according to the correlation between the device states and the relevant information of the vulnerabilities in the device. Finally, the vulnerabilities are objectively and accurately evaluated according to the attack graph. The experiments results show that the proposed method can map the relationship between devices more accurately and objectively and improve the efficiency and accuracy of the vulnerability evaluation.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Distributed Sensor Networks 工程技术-电信学

CiteScore

6.50

自引率

4.30%

发文量

审稿时长

3.6 months

期刊介绍： International Journal of Distributed Sensor Networks (IJDSN) is a JCR ranked, peer-reviewed, open access journal that focuses on applied research and applications of sensor networks. The goal of this journal is to provide a forum for the publication of important research contributions in developing high performance computing solutions to problems arising from the complexities of these sensor network systems. Articles highlight advances in uses of sensor network systems for solving computational tasks in manufacturing, engineering and environmental systems.