Method to generate attack graphs for assessing the overall security of networks
In order to evaluate the overall security of networks, a new method for generating attack graphs was proposed.The method used breadth-first algorithm to search the dependence of network vulnerabilities.To solve the state explosion problem, the strategies that limited the number of attack steps and t...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2009-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/74652904/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | In order to evaluate the overall security of networks, a new method for generating attack graphs was proposed.The method used breadth-first algorithm to search the dependence of network vulnerabilities.To solve the state explosion problem, the strategies that limited the number of attack steps and the reachability of state nodes were adopted in gener-ating attack graphs.The experimental results show that the generated attack graphs can help security administrators to evaluate the overall security of networks, and the adopted optimization strategies are effective to remove redundant edges and nodes in attack graphs and decrease the system overhead during generating attack graphs. |
|---|---|
| ISSN: | 1000-436X |