Title :
An Adjacency Matrixes-Based Model for Network Security Analysis
Author :
Xie, Anming ; Tang, Cong ; Gui, Nike ; Cai, Zhuhua ; Hu, Jianbin ; Chen, Zhong
Author_Institution :
Sch. of Electron. Eng. & Comput. Sci., Peking Univ., Beijing, China
Abstract :
To protect our networks against malicious intrusions, we need to evaluate these networks security. Previous works on attack graphs have provided meaningful conclusions on security measurement. However, large attack graphs are still hard to be understood vividly, and few suggestions have been proposed to prevent inside malicious attackers from attacking networks. To address these problems, we propose a novel approach to evaluate network security based on adjacency matrixes, which are constructed from existing attack graphs. With our model, we use gray scale images to show overall security vividly, and get quantitative evaluation scores. Moreover, we create a prioritized list of potential threatening hosts, which can help network administrators to harden network step by step. Analysis on computation cost shows that the upper bound computation cost of our measurement methodology is O(N3), which could be completed in real time. We also give an example to show how to put our methods in practice.
Keywords :
computational complexity; graph theory; matrix algebra; telecommunication security; adjacency matrixes-based model; attack graphs; gray scale images; malicious intrusions; measurement methodology; network security analysis; security measurement; Communications Society; Computational efficiency; Computational modeling; Computer science; Computer science education; Computer security; Educational technology; Laboratories; Paper technology; Protection;
Conference_Titel :
Communications (ICC), 2010 IEEE International Conference on
Conference_Location :
Cape Town
Print_ISBN :
978-1-4244-6402-9
DOI :
10.1109/ICC.2010.5502655
