Title :
Automatic Generation of Host-Based Network Attack Graph
Author :
Zhong, Shangqin ; Yan, Danfeng ; Liu, Chen
Author_Institution :
State Key Lab. of Networking & Switching Technol., Beijing Univ. of Post & Telecommun., Beijing, China
fDate :
March 31 2009-April 2 2009
Abstract :
Attack graph plays an important role in network security, as it directly shows the existence of vulnerabilities in network and how attackers use these vulnerabilities to implement an effective attack, the analysis on the attack graph or the simulation of dynamic attacks through attack graph can help us easily find out the vulnerabilities in network, and take corresponding security measures, in order to strengthen network security. Previous attack graph generation methods are generally not suitable for large network, because of their high complexity of time, high consumption of space, and the large scale of attack graphs. Based on substantive analysis of the vulnerabilities in network, this paper describes a model for automatically generating and analyzing network attack graph. Besides, a prototype system bases on this model has been designed. At last, this prototype system was tested by a model network we built, and it was proved to be simple, flexible, and efficient.
Keywords :
computational complexity; graph theory; telecommunication security; automatic host-based network attack graph generation; dynamic attack simulation; network model; network security; network vulnerability; prototype system testing; security measure; time complexity; Computer networks; Computer science; Computer security; Information analysis; Laboratories; Large-scale systems; Libraries; NIST; Prototypes; Telecommunication switching;
Conference_Titel :
Computer Science and Information Engineering, 2009 WRI World Congress on
Conference_Location :
Los Angeles, CA
Print_ISBN :
978-0-7695-3507-4
DOI :
10.1109/CSIE.2009.102
