Title :
A Flexible Approach to Measuring Network Security Using Attack Graphs
Author :
Feng, Chen ; Jin-Shu, Su
Author_Institution :
Sch. of Comput., Nat. Univ. of Defense Technol., Changsha
Abstract :
The previous approaches to measuring network security are most based on the hypothesis that the related source data can be known well and truly. But in practice, it is very difficult to obtain all the related accurate source data (Z Ciechanowicz, 1997). In this paper, we propose a flexible approach based on attack graphs to measuring security of crucial resources in vulnerable network, which could bring out the accurate result of measuring network security with incomplete input data. Another key improvement is presenting the backward iterative algorithm to solve the problem of cyclic attack paths in measuring security using attack graphs. At the same time, the simulation experiment demonstrates the algorithm can be applied to the large attack graphs.
Keywords :
graph theory; iterative methods; security of data; attack graphs; backward iterative algorithm; cyclic attack paths; network security measurement; Computer networks; Computer security; Data security; Electronic commerce; Information security; Information technology; Iterative algorithms; NIST; National security; Risk analysis; attack graph; measure; network security;
Conference_Titel :
Electronic Commerce and Security, 2008 International Symposium on
Conference_Location :
Guangzhou City
Print_ISBN :
978-0-7695-3258-5
DOI :
10.1109/ISECS.2008.122
