• DocumentCode
    1963421
  • Title

    Evaluating Method of Security Threat Based on Attacking-Path Graph Model

  • Author

    Liu Xue Zhong ; Liu Zeng Liang

  • Author_Institution
    Univ. of Sci. & Technol. Beijing, Beijing
  • Volume
    3
  • fYear
    2008
  • fDate
    12-14 Dec. 2008
  • Firstpage
    1127
  • Lastpage
    1132
  • Abstract
    In order to solve the problems of evaluating system security threat in the complex system, a novel system security threat model based on the attacking-tree graph is proposed in this paper. In this model, an evaluating standard of the feasibility and harmful level of the vulnerability exploitation is given. Then an attacking-tree graph of the target system is constructed based on the relationship among exploitations of vulnerabilities. Using methods in the graph theory and probability theory, a thorough analysis of system security threats is also given. The impact of all kind of threats on the system security can be got from this model. So, several difficult problems in the evaluations of attacking-path threats, vulnerability threats are solved.
  • Keywords
    graph theory; information systems; probability; security of data; attacking-path graph model; graph theory; information system security threat; probability theory; system security threat evaluation; thorough analysis; vulnerability threat; Computer science; Computer security; Control systems; Graph theory; Information security; Information systems; National security; Protection; Software engineering; attacking-path graph; evaluation of threat; graph theory; probability theory;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Science and Software Engineering, 2008 International Conference on
  • Conference_Location
    Wuhan, Hubei
  • Print_ISBN
    978-0-7695-3336-0
  • Type

    conf

  • DOI
    10.1109/CSSE.2008.775
  • Filename
    4722539