Approach of Goal-Oriented Attack Graph-Based Threat Evaluation for Network Security

doi:10.13190/j.jbupt.2015.01.016

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2015, Vol. 38 ›› Issue (1): 82-86.doi: 10.13190/j.jbupt.2015.01.016

• Reports • Previous Articles Next Articles

Approach of Goal-Oriented Attack Graph-Based Threat Evaluation for Network Security

LIU Wei-xin¹, ZHENG Kang-feng¹, HU Ying², WU Bin¹

1. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China;
2. Armed Police Beijing Command Academy, Beijing 100012, China

Received:2014-04-01 Online:2015-02-28 Published:2015-03-30

Abstract

Abstract:

For being not falling in as final targets of attackers, the critical resources in network environments should be protected. It is vital to quantify the threat and impact during the process of multi-stage attacks. Aiming at combine threat quantification of individual attack action and significance value of hosts, as well as large amount of attack dependencies in attack graphs, a methodology for threat evaluation was proposed. The bi-directional threat evaluation presented in this article is able to compute progress attackers already, as well as the threat to goal-resources in attack graph, which can be well applied to real-time attack threat evaluation. The proposed was finally verified in experiment and simulation.

Key words: threat situation, attack graph, bi-directional threat evaluation

CLC Number:

TN911.22

LIU Wei-xin, ZHENG Kang-feng, HU Ying, WU Bin. Approach of Goal-Oriented Attack Graph-Based Threat Evaluation for Network Security[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2015, 38(1): 82-86.

References

[1] 陈秀真, 郑庆华, 管晓宏, 等. 层次化网络安全威胁态势量化评估方法[J]. 软件学报, 2006, 17(4): 885-897. Chen Xiuzhen, Zheng Qinghua, Guan Xiaohong, et al. Quantitative hierarchical threat evaluation model for network security[J]. Journal of Software, 2006, 17(4): 885-897.

[2] 刘效武, 王慧强, 禹继国, 等. 基于多源融合的网络安全态势感知模型[J]. 解放军理工大学学报: 自然科学版, 2012, 13(4): 403-407. Liu Xiaowu, Wang Huiqiang, Yu Jiguo, et al. Network security situation awareness model based on multi-source fusion[J]. Journal of PLA University of Science and Technology(Natural Science Edition), 2012, 13(4): 403-407.

[3] Cheng Pengsu, Wang Lingyu, Jajodia S, et al. Aggregating CVSS base scores for semantics-rich network security metrics[C]//Reliable Distributed Systems (SRDS), 2012 IEEE 31^st Symposium on. Irvine, CA: IEEE, 2012: 31-40.

[4] Keramati M, Akbari A, Keramati M. CVSS-based security metrics for quantitative analysis of attack graphs[C]//Computer and Knowledge Engineering (ICCKE), 2013 3^th International Conference on. Mashhad: IEEE, 2013: 178-183.

[5] Ahmadinejad S H, Jalili S, Abadi M. A hybrid model for correlating alerts of known and unknown attack scenarios and updating attack graphs[J]. Computer Networks, 2011, 55(9): 2221-2240.

[6] Wang Lingyu, Liu Anyi, Jajodia S. Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts[J]. Computer Communications, 2006, 29(15): 2917-2933.

[7] 叶云, 徐锡山, 贾焰, 等. 基于攻击图的网络安全概率计算方法[J]. 计算机学报, 2010, 33(10): 1987-1996. Ye Yun, Xu XiShan, Jia Yan, et al. An Attack Graph-Based Probabilistic Computing Approach of Network Security[J]. Chinese Journal of Computers, 2010, 33(10): 1987-1996.

[8] 陈锋. 基于多目标攻击图的层次化网络安全风险评估方法研究[D]. 长沙: 国防科学技术大学, 2009.

Approach of Goal-Oriented Attack Graph-Based Threat Evaluation for Network Security

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 4

Recommended Articles

Metrics

Comments

[1]	YANG Hongyu, YUAN Haihang, ZHANG Liang. A Risk Assessment Method of Network Host Node with Host Importance [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(2): 16-21.
[2]	WANG Xiu-juan, SUN Bo, LIAO Yan-wen, XIANG Cong-bin. Computer Network Vulnerability Assessment Based on Bayesian Attribute Network [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2015, 38(4): 110-116.
[3]	. Network Security Analysis Based on Host-Security-Group [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2012, 35(1): 19-23.
[4]	WU Huan, PAN Lin, WANG Xiao-zhen, XU Rong-sheng. A Risk Assessment Model Using Incomplete Attack Graphs Analysis [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2010, 33(3): 57-61.