Network Security Analysis Based on Security Status Space

Author

Zhang, Tao ; Wu, Chong

Author_Institution

Sch. of Manage., Harbin Inst. of Technol., Harbin

fYear

2008

fDate

20-22 July 2008

Firstpage

552

Lastpage

557

Abstract

As an important method to analyze the security status of computer network, generating of network attack graph is a hot topic in this domain. After analyzing network security attributes including the host, user privilege, connection relation, etc., the model of computer network security status space is built. The node of attack graph expresses the network security status, and the directed-line expresses the attack rule. We use a forward-search, breadth-first and depth-limited algorithm to produce attack route, and utilize the tools Graphviz to generate the attack graph. The experiment validates the prototype of network attack graph automatic generating tools based on security status space.

Keywords

computer networks; security of data; telecommunication security; tree searching; automatic generating tools; breadth-first algorithm; computer network security status space; connection relation; depth-limited algorithm; forward-search algorithm; network attack graph; network security analysis; user privilege; Computer network management; Computer networks; Computer security; Information analysis; Information management; Information security; Operating systems; Protocols; Space technology; Static VAr compensators; attack graph; network security; security analysis; security status space;

fLanguage

English

Publisher

ieee

Conference_Titel

Web-Age Information Management, 2008. WAIM '08. The Ninth International Conference on

Conference_Location

Zhangjiajie Hunan

Print_ISBN

978-0-7695-3185-4

Electronic_ISBN

978-0-7695-3185-4

Type

conf

DOI

10.1109/WAIM.2008.68

Filename

4597065