DocumentCode
1963421
Title
Evaluating Method of Security Threat Based on Attacking-Path Graph Model
Author
Liu Xue Zhong ; Liu Zeng Liang
Author_Institution
Univ. of Sci. & Technol. Beijing, Beijing
Volume
3
fYear
2008
fDate
12-14 Dec. 2008
Firstpage
1127
Lastpage
1132
Abstract
In order to solve the problems of evaluating system security threat in the complex system, a novel system security threat model based on the attacking-tree graph is proposed in this paper. In this model, an evaluating standard of the feasibility and harmful level of the vulnerability exploitation is given. Then an attacking-tree graph of the target system is constructed based on the relationship among exploitations of vulnerabilities. Using methods in the graph theory and probability theory, a thorough analysis of system security threats is also given. The impact of all kind of threats on the system security can be got from this model. So, several difficult problems in the evaluations of attacking-path threats, vulnerability threats are solved.
Keywords
graph theory; information systems; probability; security of data; attacking-path graph model; graph theory; information system security threat; probability theory; system security threat evaluation; thorough analysis; vulnerability threat; Computer science; Computer security; Control systems; Graph theory; Information security; Information systems; National security; Protection; Software engineering; attacking-path graph; evaluation of threat; graph theory; probability theory;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Science and Software Engineering, 2008 International Conference on
Conference_Location
Wuhan, Hubei
Print_ISBN
978-0-7695-3336-0
Type
conf
DOI
10.1109/CSSE.2008.775
Filename
4722539
Link To Document