Title :
Two algorithms for Network Security Gradient marking
Author :
Hu, Xin ; Sun, Yonglin ; Wang, Yongjun ; Ren, Zhanrui ; Liu, Jie
Author_Institution :
Coll. of Comput. Sci., Nat. Univ. of Defense Technol., Changsha, China
Abstract :
Attack graph increasingly becomes a key technique for network security analysis, however, the prevalent Attacker´s Ability Monotonic Assumption (AAMA) constraint for attack graph generation could not make full use of the direction of network attack and the hierarchy of defence. As a result, using AAMA is not efficient enough in the process of attack graph generation, especially for large-scale complicated network. With the aim of improving the efficiency of attack graph generation and reducing attack graph´s complexity, we proposed the concept of Network Security Gradient (NSG) to reflect the hierarchy of network defence, and the Gradient Attack Assumption (GAA) based on NSG to constraint the process of attack graph generation. To make our theory of NSG more sound and reasonable, we proposed two NSG marking algorithms, respectively from static analysis of network topology and dynamic analysis of network access flow, to rank network nodes automatically. Experiment results showed that both of the two algorithms can mark NSG for network correctly and rationally.
Keywords :
computer network security; graph theory; telecommunication network topology; attack graph complexity reduction; attack graph generation; attacker ability monotonic assumption constraint; complicated network; computer network; dynamic analysis; gradient attack assumption; network access flow; network defence; network nodes ranking; network security gradient marking; network topology; static analysis; Algorithm design and analysis; Complexity theory; Fires; Heuristic algorithms; Network topology; Security; Topology; Attack Graph; Gradient Attack Assumption; Network Security Gradient; Vulnerability Analysis;
Conference_Titel :
Internet Technology and Secured Transactions (ICITST), 2011 International Conference for
Conference_Location :
Abu Dhabi
Print_ISBN :
978-1-4577-0884-8