• DocumentCode
    1831268
  • Title

    Using CVSS in Attack Graphs

  • Author

    Gallon, Laurent ; Bascou, Jean-Jacques

  • Author_Institution
    LIUPPA, Univ. of Pau Mont de Marsan, Mont-de-Marsan, France
  • fYear
    2011
  • fDate
    22-26 Aug. 2011
  • Firstpage
    59
  • Lastpage
    66
  • Abstract
    Derived from attack models, attack graphs are providing an efficient way to model attack scenarios intended against computer networks. Such graphs are using CVE database in which all known vulnerabilities are gathered. The CVSS framework is aiming to give numeric scores to each vulnerability recorded in the CVE database, which represent its characteristics and quantify its security impacts. In this paper we adapt attack graphs definition in order to be able to use them in conjunction with CVSS framework. The aim of our work is to provide a way to give an assessment of the impact of attacks on the hosts of the target network. This assessment is made using a host damage score and a network damage score, which take into account the characteristics and consequences of each atomic attack constituting an attack scenario.
  • Keywords
    computer network security; graph theory; CVE database; CVSS framework; attack graphs; computer networks; host damage score; network damage score; Availability; Computational modeling; Databases; Gold; Measurement; Security; System recovery; CVSS framework; IT vulnerabilities; attack graphs;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
  • Conference_Location
    Vienna
  • Print_ISBN
    978-1-4577-0979-1
  • Electronic_ISBN
    978-0-7695-4485-4
  • Type

    conf

  • DOI
    10.1109/ARES.2011.18
  • Filename
    6045939
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1831268