Scalable security analysis in hierarchical attack representation model using centrality measures

Author

Hong, Jin B. ; Dong Seong Kim

Author_Institution

Comput. Sci. & Software Eng. Dept., Univ. of Canterbury, Christchurch, New Zealand

fYear

2013

fDate

24-27 June 2013

Firstpage

1

Lastpage

8

Abstract

Network security can be analysed using attack representation models (ARMs) (e.g., Attack Graphs (AGs) and Attack Trees (ATs)). One can analyse the network security by computing all possible attack scenarios, but it suffers from a scalability problem. We propose centrality based network security analysis by ranking important hosts based on network centrality measures, and vulnerabilities based on security metric values. We used two-layer hierarchical attack representation model to evaluate the network security, by taking into account importance of hosts and vulnerabilities in the upper and the lower layers, respectively. We define a new centrality measure based on the location of an attacker and a target. We simulate security analysis using centrality measures comparing with an exhaustive search method. Further, we investigate the performance when the location of the attacker is different in the network.

Keywords

computer network security; search problems; ARM; attack graphs; attack representation models; attack trees; centrality measures; hierarchical attack representation model; network security; scalable security analysis; search method; security metric values; Computational modeling; Security; Attack Graph; Attack Tree; Network Centrality; Security Analysis; Security Modelling Techniques;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Systems and Networks Workshop (DSN-W), 2013 43rd Annual IEEE/IFIP Conference on

Conference_Location

Budapest

ISSN

2325-6648

Type

conf

DOI

10.1109/DSNW.2013.6615507

Filename

6615507