Host security threat analysis approach for network dynamic defense
Calculating the host security threat in network dynamic defense (NDD) situation has to consider the vulnerabilities’ uncertainty because of dynamic mutation.Firstly,the vulnerabilities’ uncertainty caused by the mutation space and the mutation period was calculated by random sampling model,and combi...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2018-04-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2018031 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841530105700024320 |
|---|---|
| author | Lixun LI Bin ZHANG Shuqin DONG |
| author_facet | Lixun LI Bin ZHANG Shuqin DONG |
| author_sort | Lixun LI |
| collection | DOAJ |
| description | Calculating the host security threat in network dynamic defense (NDD) situation has to consider the vulnerabilities’ uncertainty because of dynamic mutation.Firstly,the vulnerabilities’ uncertainty caused by the mutation space and the mutation period was calculated by random sampling model,and combined with the CVSS,the attack success probability formula of single vulnerability was derived.Secondly,to avoid self-loop during the path searching process in multiple vulnerabilities situation,an improved recursive depth first algorithm which combined with node visited queue was proposed.Then,the host security threat was calculated based on attack success probability in the situation of multiple vulnerabilities and paths.Finally,approach’s availability and effectiveness were verified by an experiment conducted in a typical NDD situation. |
| format | Article |
| id | doaj-art-039a661f90ff4060b272c0b9118f007f |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2018-04-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-039a661f90ff4060b272c0b9118f007f2025-01-15T03:12:43ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2018-04-014485559553162Host security threat analysis approach for network dynamic defenseLixun LIBin ZHANGShuqin DONGCalculating the host security threat in network dynamic defense (NDD) situation has to consider the vulnerabilities’ uncertainty because of dynamic mutation.Firstly,the vulnerabilities’ uncertainty caused by the mutation space and the mutation period was calculated by random sampling model,and combined with the CVSS,the attack success probability formula of single vulnerability was derived.Secondly,to avoid self-loop during the path searching process in multiple vulnerabilities situation,an improved recursive depth first algorithm which combined with node visited queue was proposed.Then,the host security threat was calculated based on attack success probability in the situation of multiple vulnerabilities and paths.Finally,approach’s availability and effectiveness were verified by an experiment conducted in a typical NDD situation.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2018031cyber securitynetwork dynamic defensehost security threat analysisattack success probabilityat-tacker privilege transfer graph |
| spellingShingle | Lixun LI Bin ZHANG Shuqin DONG Host security threat analysis approach for network dynamic defense 网络与信息安全学报 cyber security network dynamic defense host security threat analysis attack success probability at-tacker privilege transfer graph |
| title | Host security threat analysis approach for network dynamic defense |
| title_full | Host security threat analysis approach for network dynamic defense |
| title_fullStr | Host security threat analysis approach for network dynamic defense |
| title_full_unstemmed | Host security threat analysis approach for network dynamic defense |
| title_short | Host security threat analysis approach for network dynamic defense |
| title_sort | host security threat analysis approach for network dynamic defense |
| topic | cyber security network dynamic defense host security threat analysis attack success probability at-tacker privilege transfer graph |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2018031 |
| work_keys_str_mv | AT lixunli hostsecuritythreatanalysisapproachfornetworkdynamicdefense AT binzhang hostsecuritythreatanalysisapproachfornetworkdynamicdefense AT shuqindong hostsecuritythreatanalysisapproachfornetworkdynamicdefense |