Title :
Research on Network Risk Assessment Based on Attack Probability
Author_Institution :
Sch. of Inf. Eng., Capital Normal Univ., Beijing, China
Abstract :
A quantitative risk evaluation method for network security is proposed based on analyzing the process that attackers intrude network. The analysis depends on modeling attack activities and attack processes by tracking the transferring of safety states. Three key factors of risk evaluation about assets, threats and vulnerabilities are identified and quantified. Especially the attack probability indexes are recurrently estimated by layering based on the intruding process, and accurate success probabilities of attack are obtained. Then a quantitative evaluation algorithm is presented to estimate risk indexes by layering based on the intruding process. The conclusion obtained by this approach provides a useful evidence and guidance for security strategies. Finally this method is demonstrated and validated in an example network environment.
Keywords :
probability; risk management; security of data; attack probability indexes; intruding process; network risk assessment; network security; quantitative risk evaluation method; Computer science; Computer security; Event detection; Information analysis; Information security; Intrusion detection; Layout; Risk analysis; Risk management; Safety; Attack Probability; Attack State; Network Security; Risk; Risk Assessment;
Conference_Titel :
Computer Science and Engineering, 2009. WCSE '09. Second International Workshop on
Conference_Location :
Qingdao
Print_ISBN :
978-0-7695-3881-5
DOI :
10.1109/WCSE.2009.834
