Exploring Attack Graphs for Security Risk Assessment: A Probabilistic Approach

Exploring Attack Graphs for Security Risk Assessment: A Probabilistic Approach

导出

摘要 The attack graph methodology can be used to identify the potential attack paths that an attack can propagate. A risk assessment model based on Bayesian attack graph is presented in this paper. Firstly, attack graphs are generated by the MULVAL（Multi-host, Multistage Vulnerability Analysis） tool according to sufficient information of vulnerabilities, network configurations and host connectivity on networks. Secondly, the probabilistic attack graph is established according to the causal relationships among sophisticated multi-stage attacks by using Bayesian Networks. The probability of successful exploits is calculated by combining index of the Common Vulnerability Scoring System, and the static security risk is assessed by applying local conditional probability distribution tables of the attribute nodes. Finally, the overall security risk in a small network scenario is assessed. Experimental results demonstrate our work can deduce attack intention and potential attack paths effectively, and provide effective guidance on how to choose the optimal security hardening strategy. The attack graph methodology can be used to identify the potential attack paths that an attack can propagate. A risk assessment model based on Bayesian attack graph is presented in this paper. Firstly, attack graphs are generated by the MULVAL（Multi-host, Multistage Vulnerability Analysis） tool according to sufficient information of vulnerabilities, network configurations and host connectivity on networks. Secondly, the probabilistic attack graph is established according to the causal relationships among sophisticated multi-stage attacks by using Bayesian Networks. The probability of successful exploits is calculated by combining index of the Common Vulnerability Scoring System, and the static security risk is assessed by applying local conditional probability distribution tables of the attribute nodes. Finally, the overall security risk in a small network scenario is assessed. Experimental results demonstrate our work can deduce attack intention and potential attack paths effectively, and provide effective guidance on how to choose the optimal security hardening strategy.

作者 GAO Ni HE Yiyue

机构地区 School of Information School of Economics and Management

出处《Wuhan University Journal of Natural Sciences》 CAS CSCD 2018年第2期171-177,共7页 武汉大学学报（自然科学英文版）

基金 Supported by the National Natural Science Foundation of China(61373176) the Natural Science Foundation of Shaanxi Province of China(2015JQ7278) the Scientific Research Plan Projects of Shaanxi Educational Committee(17JK0304,14JK1693)

关键词 risk assessment attack graph Bayesian networks prior probability risk assessment attack graph Bayesian networks prior probability

分类号 TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献2

1陈小军,方滨兴,谭庆丰,张浩亮.基于概率攻击图的内部攻击意图推断算法研究[J].计算机学报,2014,37(1):62-72. 被引量：78
2Shaojun Zhang,Shanshan Song.A Novel Attack Graph Posterior Inference Model Based on Bayesian Network[J].Journal of Information Security,2011,2(1):8-27. 被引量：5

二级参考文献14

1Pfleeger S L, et al, Insiders behaving badly: Addressing bad actors and their actions. IEEE Transactions on Information Forensics and Security, 2010, 5(1): 169-179.
2Afghan war diary, 2004-2010 [EB/OLJ. http://wikileaks. org/wiki/ Afghan_ WacDiary_2004-2010. 2010-07.
3Schonlau M, Dumouchel W, Iu W, et al. Computer intrusion: Detecting masquerades. Statistical Science, 2001: 58-74.
4Salem M, Stolfo S. Modeling user search behavior for masquerade detectionllProceeding of the 14th International Symposium Recent Advances in Intrusion Detection. Berlin Heidelberg: Springer, 2011: 181-200.
5Zheng N, Palo ski A, Wang H, An efficient user verification system via mouse movementsllProceedings of the 18th ACM Conference On Computer and communications. Chicago, Illinois, USA, 2011: 139-150.
6Brackney R C, Anderson R H. Understanding the Insider Threat: Proceedings of a March 2004 Workshop. Santa Monica, CA: RAND Corporation, 2004. http://www. rand. org/ pubs/conLproceedings/CF196.
7Maloof M, Stephens G. Elicit: A system for detecting insiders who violate need-to-knowIIProceeding of the 14th International Symposium Recent Advances in Intrusion Detection. Berlin Heidelberg: Springer, 2007: 146-166.
8Poolsappasit N, Dewri R, Ray 1. Dynamic security risk management using Bayesian attack graphs. IEEE Transactions on Dependable and Secure Computing, 2012, 9(1): 61-74.
9Wang L, Noel S, Jajodia S. Minimum-cost network hardening using attack graph. Computer Communications, 2006, 29( 18): 3812-3824.
10Wang L, et al, An attack graph-based probabilistic security metricllData and Applications Security XXII. Berlin Heidelberg: Springer, 2008: 283-296.

共引文献81

1苏婷婷,潘晓中,肖海燕,申军伟.基于属性邻接矩阵的攻击图表示方法研究[J].电子与信息学报,2012,34(7):1744-1747. 被引量：7
2陈小军,时金桥,徐菲,蒲以国,郭莉.面向内部威胁的最优安全策略算法研究[J].计算机研究与发展,2014,51(7):1565-1577. 被引量：22
3庞通.基于Schur收敛性条件的扰动特征泛函凸组合模型[J].科技通报,2015,31(2):4-6.
4刘文静.基于攻击图模型的网络安全风险评估技术分析[J].网络安全技术与应用,2015(7):76-77. 被引量：1
5李艳,黄光球,张斌.基于累积效应的网络脆弱性扩散分析方法[J].计算机应用,2015,35(8):2169-2173.
6付钰,李洪成,吴晓平,王甲生.基于大数据分析的APT攻击检测研究综述[J].通信学报,2015,36(11):1-14. 被引量：78
7高妮,高岭,贺毅岳,雷艳婷,高全力.基于贝叶斯攻击图的动态安全风险评估模型[J].四川大学学报（工程科学版）,2016,48(1):111-118. 被引量：51
8王继钢.基于攻击图模型的网络可能入侵估计研究[J].微电子学与计算机,2016,33(2):116-119. 被引量：3
9邓辉,刘晖,张宝峰,毛军捷,郭颖,熊琦,谢仕华.面向复杂网络的威胁度量及聚合方法[J].清华大学学报（自然科学版）,2016,56(5):511-516.
10文雨,王伟平,孟丹.面向内部威胁检测的用户跨域行为模式挖掘[J].计算机学报,2016,39(8):1555-1569. 被引量：16

1MARCO ANTONIO CABERO ZABALAGA.Exploring Life and Science in China[J].China Today,2018,67(1):58-59.
2ding zhaoyi,he quanfeng,yang yong.Exploring the design of eutectic or near-eutectic multicomponent alloys： From binary to high entropy alloys[J].Science China(Technological Sciences),2018,61(2):159-167. 被引量：4
3Patricia Huntington.Place as Refuge： Exploring the Poetical Legacy of Matsuo Basho[J].Frontiers of Philosophy in China,2017,12(4):572-590.
4邓昊熙.澳大利亚汉语作为外语教学研究的“三性”问题——《探索汉语作为外语教学中的创新性教学》述评[J].华文教学与研究,2017(4):88-94.
5ZHENG ZhiYue,XU Rui,YE ShiLi,HUSSAIN Sabir,JI Wei,CHENG Peng,LI YanJun,SUGAWARA Yasuhiro,CHENG ZhiHai.High harmonic exploring on different materials in dynamic atomic force microscopy[J].Science China(Technological Sciences),2018,61(3):446-452. 被引量：1
6From Bonn to Beijing: Exploring the Gravitational Wave Spectrum and Beyond——An Interview with Dr. Michael Kramer on German-Chinese Collaboration on Low Frequency Gravitational Wave Research[J].Bulletin of the Chinese Academy of Sciences,2017,31(4):226-232.
7Gabriel A.Bernal,Mario A.Salgado-Gálvez,Daniela Zuloaga,Julián Tristancho,Diana González,Omar-Darío Cardona.Integration of Probabilistic and Multi-Hazard Risk Assessment Within Urban Development Planning and Emergency Preparedness and Response: Application to Manizales,Colombia[J].International Journal of Disaster Risk Science,2017,8(3):270-283. 被引量：4
8Fangyi Yuan,Hongzhi Wang,Shucun Tian,Xin Tong.Baymax: A Mental-Analyzing Mobile App Based on Big Data[J].国际计算机前沿大会会议论文集,2017(2):132-133.
9Huiqiang Wang,Xiuxiu Wen,Junyu Lin,Guangsheng Feng,Hongwu Lv.An Energy Efficient Random Walk Based Expanding Ring Search Method for Wireless Networks[J].国际计算机前沿大会会议论文集,2015(1):6-7.
10Slow Kee Lira,Kunli Goh,Tae-Hyun Bae,Rong Wang.Polymer-based membranes for solvent-resistant nanofiltration:A review[J].Chinese Journal of Chemical Engineering,2017,25(11):1653-1675. 被引量：8

Wuhan University Journal of Natural Sciences

2018年第2期

浏览历史

内容加载中请稍等...

Exploring Attack Graphs for Security Risk Assessment: A Probabilistic Approach

参考文献2

二级参考文献14

共引文献81

相关作者

相关机构

相关主题

浏览历史