Title :
Evaluating Method of Security Threat Based on Attacking-Path Graph Model
Author :
Liu Xue Zhong ; Liu Zeng Liang
Author_Institution :
Univ. of Sci. & Technol. Beijing, Beijing
Abstract :
In order to solve the problems of evaluating system security threat in the complex system, a novel system security threat model based on the attacking-tree graph is proposed in this paper. In this model, an evaluating standard of the feasibility and harmful level of the vulnerability exploitation is given. Then an attacking-tree graph of the target system is constructed based on the relationship among exploitations of vulnerabilities. Using methods in the graph theory and probability theory, a thorough analysis of system security threats is also given. The impact of all kind of threats on the system security can be got from this model. So, several difficult problems in the evaluations of attacking-path threats, vulnerability threats are solved.
Keywords :
graph theory; information systems; probability; security of data; attacking-path graph model; graph theory; information system security threat; probability theory; system security threat evaluation; thorough analysis; vulnerability threat; Computer science; Computer security; Control systems; Graph theory; Information security; Information systems; National security; Protection; Software engineering; attacking-path graph; evaluation of threat; graph theory; probability theory;
Conference_Titel :
Computer Science and Software Engineering, 2008 International Conference on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-0-7695-3336-0
DOI :
10.1109/CSSE.2008.775
