• DocumentCode
    2675948
  • Title

    A Flexible Approach to Measuring Network Security Using Attack Graphs

  • Author

    Feng, Chen ; Jin-Shu, Su

  • Author_Institution
    Sch. of Comput., Nat. Univ. of Defense Technol., Changsha
  • fYear
    2008
  • fDate
    3-5 Aug. 2008
  • Firstpage
    426
  • Lastpage
    431
  • Abstract
    The previous approaches to measuring network security are most based on the hypothesis that the related source data can be known well and truly. But in practice, it is very difficult to obtain all the related accurate source data (Z Ciechanowicz, 1997). In this paper, we propose a flexible approach based on attack graphs to measuring security of crucial resources in vulnerable network, which could bring out the accurate result of measuring network security with incomplete input data. Another key improvement is presenting the backward iterative algorithm to solve the problem of cyclic attack paths in measuring security using attack graphs. At the same time, the simulation experiment demonstrates the algorithm can be applied to the large attack graphs.
  • Keywords
    graph theory; iterative methods; security of data; attack graphs; backward iterative algorithm; cyclic attack paths; network security measurement; Computer networks; Computer security; Data security; Electronic commerce; Information security; Information technology; Iterative algorithms; NIST; National security; Risk analysis; attack graph; measure; network security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Electronic Commerce and Security, 2008 International Symposium on
  • Conference_Location
    Guangzhou City
  • Print_ISBN
    978-0-7695-3258-5
  • Type

    conf

  • DOI
    10.1109/ISECS.2008.122
  • Filename
    4606101
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2675948