Title :
Boosting Logical Attack Graph for Efficient Security Control
Author :
Zhang, Zonghua ; Wang, Shuzhen
Author_Institution :
Telecom Lille 1, Lille, France
Abstract :
This paper reports an approach, which is termed AG-HMM, to achieve cost-effective security control by exploring a logical attack graph to represent network observations, and a Hidden Markov Model (HMM) to estimate attack states. One advantage of our approach is to construct a probabilistic mapping between network observations and attack states, potentially revealing the most significant vulnerabilities and allowing security administrators (SA) to efficiently deal with them through cost-benefit analysis. A preliminary experiment is conducted to evaluate our approach in a typical enterprise network.
Keywords :
business data processing; graph theory; hidden Markov models; security of data; AG-HMM; HMM; SA; attack states; cost-effective security control; enterprise network; hidden Markov model; logical attack graph boosting; network observations; probabilistic mapping; security administrators; Hidden Markov models; Internet; Measurement; Probabilistic logic; Security; Servers; Uncertainty; Vulnerability analysis; attack graph; security management;
Conference_Title :
Availability, Reliability and Security (ARES), 2012 Seventh International Conference on
Conference_Location :
Prague
Print_ISBN :
978-1-4673-2244-7
DOI :
10.1109/ARES.2012.72