• DocumentCode
    2855532
  • Title

    An Efficient Approach to Minimum-Cost Network Hardening Using Attack Graphs

  • Author

    Chen, Feng ; Wang, Lingyu ; Su, Jinshu

  • Author_Institution
    Sch. of Comput., Nat. Univ. of Defense Technol., Changsha
  • fYear
    2008
  • fDate
    8-10 Sept. 2008
  • Firstpage
    209
  • Lastpage
    212
  • Abstract
    Attack graphs can reveal the threat of sophisticated multi-step attacks by enumerating possible sequences of exploits leading to the compromise of given critical resources. Finding a solution to remove such threats by hands is tedious and error prone, particularly for larger and poorly secured networks. Existing automated approaches for hardening a network has an exponential complexity and is not scalable to large networks. This paper proposes a novel approach of applying the Reduced Ordered Binary Decision Diagram (ROBDD) method to network hardening. Existing mature optimization techniques in ROBDD makes the proposed approach an efficient solution that can potentially be applied to large networks.
  • Keywords
    binary decision diagrams; optimisation; security of data; attack graphs; critical resources; minimum-cost network hardening; optimization techniques; reduced ordered binary decision diagram method; sophisticated multi-step attacks; Boolean functions; Computer errors; Computer networks; Computer security; Costs; Data structures; Information security; Information systems; Logic; National security; Attack Graphs; Minimum-Cost; network securty; vulnerability;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Assurance and Security, 2008. ISIAS '08. Fourth International Conference on
  • Conference_Location
    Naples
  • Print_ISBN
    978-0-7695-3324-7
  • Type

    conf

  • DOI
    10.1109/IAS.2008.38
  • Filename
    4627087
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2855532