Title :
Reverse Search Based Network Attack Graph Generation
Author :
Zhang, Baojun ; Lu, Kuijun ; Pan, Xuezeng ; Wu, Zhaohui
Author_Institution :
Comput. Sci., Zhejiang Univ., Hangzhou, China
Abstract :
General network attack graph has a large state space. It affects the efficiency of network attack graph generation greatly. In order to solve this problem, a reverse search based network attack graph generation method is proposed. It starts from the target hosts that the goal of attackers, by analyzing the vulnerabilities and connectivity of them, finds all the middleman hosts, then repeats the search process until the hosts hold by the attackers are reached. In this way, numbers of attack chains are got, and they construct the attack graph. The method focuses on the handful of main targets and cuts down large number of unnecessary network states. By this way, the attack graph is generated quickly and effectively.
Keywords :
computer network management; graph theory; security of data; attack chain; general network attack graph; middleman host; network attack graph generation; reverse search; state space; Binary decision diagrams; Collaboration; Computer science; Computer security; Database languages; Large-scale systems; Protection; Safety; State-space methods; Testing;
Conference_Titel :
Computational Intelligence and Software Engineering, 2009. CiSE 2009. International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-4507-3
Electronic_ISBN :
978-1-4244-4507-3
DOI :
10.1109/CISE.2009.5365235
