Novel method of assessing network security risks based on vulnerability correlation graph

Author

Li Liang ; Jungang Yang ; Guqing Liu ; Guangliang Zhu ; Yanfeng Yang

Author_Institution

Xi´an Commun. Inst., Xi´an, China

fYear

2012

fDate

29-31 Dec. 2012

Firstpage

1085

Lastpage

1090

Abstract

In order to improve networks´ total security, a method of assessing network security risks based on vulnerability correlation graph is proposed in this paper. Firstly, it proposed a definition of vulnerability correlation graph based on the basis of network security dependency. Secondly, according to the size of network topology, the method of assessing the potential risk based on the vulnerability correlation graph is explained in detail. The experiment results show that it´s possible to calculate potential risk indexes of three hierarchies: hosts, subnets and networks so that system administrators could adjust the security strategies in order to reduce the potential risk value of the whole network. It is also possible to solve the problem of network state explosion, thus improving expansibility of the assessment method.

Keywords

Internet; computer network security; graph theory; risk management; telecommunication network topology; Internet technology; computer networks; expansibility improvement; network security dependency; network state explosion problem; network topology size; networks total security improvement; novel network security risk assessment method; potential risk value reduction; security strategies; vulnerability correlation graph; network security; risk assessment; vulnerability correlaito graph;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Science and Network Technology (ICCSNT), 2012 2nd International Conference on

Conference_Location

Changchun

Print_ISBN

978-1-4673-2963-7

Type

conf

DOI

10.1109/ICCSNT.2012.6526114

Filename

6526114