Title :
Measure Large Scale Network Security Using Adjacency Matrix Attack Graphs
Author :
Long, Tao ; Chen, David ; Song, Ronggong
Author_Institution :
Concordia Inst. for Inf. Syst. Eng., Concordia Univ., Montreal, QC, Canada
Abstract :
An Attack Graph capable of disclosing causal relationships between multiple vulnerabilities has become a desirable tool for administrators to analyze and locate potential risks to protect critical networked resources against internal or external multi-step attacks. However, probabilistic security metric computations, using currently applied attack graphs, have complexity problems due to their scale. It is hard or even impossible for current attack graphs to be applied to large scale networks. This paper proposes a novel approach that combines the advantages of exploit-dependency attack graphs and adjacency matrices, which results in quadratic complexity. We first give a motivating example to introduce the approach. We then define the adjacency matrix attack graphs. We show that computing probabilistic cumulative scores by means of adjacency matrix attack graphs is efficient and readily scalable.
Keywords :
computer network security; graph theory; adjacency matrix attack graphs; large scale network security; probabilistic security metric computations; quadratic complexity; Computer networks; Councils; Information security; Information systems; Large-scale systems; National security; Protection; Risk analysis; Systems engineering and theory; Visualization;
Conference_Title :
Future Information Technology (FutureTech), 2010 5th International Conference on
Conference_Location :
Busan
Print_ISBN :
978-1-4244-6948-2
DOI :
10.1109/FUTURETECH.2010.5482734