مرکز منطقه ای اطلاع رساني علوم و فناوري - A Method Based on Global Attack Graph for Network Hardening

DocumentCode :

3444597

Title :

A Method Based on Global Attack Graph for Network Hardening

Author :

Man, Dapeng ; Yang Wu ; Yang, Wu

Author_Institution :

Inf. Security Res. Center, Harbin Eng. Univ., Harbin

fYear :

2008

fDate :

12-14 Oct. 2008

Firstpage :

Lastpage :

Abstract :

In order to improve the overall security of networks, a method of making strategies for network hardening based on global attack graphs is proposed. This method calculates the reachability of network states by using a global attack graph firstly, and then the security loss of network states and the criticality of security elements are got. Security elements are removed based on the rule of maximum-criticality-first. The operability of security enhancement strategies made by this method is better than traditional methods.

Keywords :

computer networks; network theory (graphs); telecommunication security; global attack graph; maximum-criticality-first rule; network hardening; network security; Costs; Greedy algorithms; Information security; Samarium;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Wireless Communications, Networking and Mobile Computing, 2008. WiCOM '08. 4th International Conference on

Conference_Location :

Dalian

Print_ISBN :

978-1-4244-2107-7

Electronic_ISBN :

978-1-4244-2108-4

Type :

conf

DOI :

10.1109/WiCom.2008.1086

Filename :

4678994

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3444597