Method to generate attack graphs for assessing the overall security of networks
In order to evaluate the overall security of networks, a new method for generating attack graphs was proposed.The method used breadth-first algorithm to search the dependence of network vulnerabilities.To solve the state explosion problem, the strategies that limited the number of attack steps and t...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2009-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/74652904/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841537596716482560 |
|---|---|
| author | MAN Da-peng1 ZHOU Yuan2 YANG Wu1 YANG Yong-tian1 |
| author_facet | MAN Da-peng1 ZHOU Yuan2 YANG Wu1 YANG Yong-tian1 |
| author_sort | MAN Da-peng1 |
| collection | DOAJ |
| description | In order to evaluate the overall security of networks, a new method for generating attack graphs was proposed.The method used breadth-first algorithm to search the dependence of network vulnerabilities.To solve the state explosion problem, the strategies that limited the number of attack steps and the reachability of state nodes were adopted in gener-ating attack graphs.The experimental results show that the generated attack graphs can help security administrators to evaluate the overall security of networks, and the adopted optimization strategies are effective to remove redundant edges and nodes in attack graphs and decrease the system overhead during generating attack graphs. |
| format | Article |
| id | doaj-art-25c726de90284a6db05546b0ad64d437 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2009-01-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-25c726de90284a6db05546b0ad64d4372025-01-14T08:29:59ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2009-01-01301574652904Method to generate attack graphs for assessing the overall security of networksMAN Da-peng1ZHOU Yuan2YANG Wu1YANG Yong-tian1In order to evaluate the overall security of networks, a new method for generating attack graphs was proposed.The method used breadth-first algorithm to search the dependence of network vulnerabilities.To solve the state explosion problem, the strategies that limited the number of attack steps and the reachability of state nodes were adopted in gener-ating attack graphs.The experimental results show that the generated attack graphs can help security administrators to evaluate the overall security of networks, and the adopted optimization strategies are effective to remove redundant edges and nodes in attack graphs and decrease the system overhead during generating attack graphs.http://www.joconline.com.cn/zh/article/74652904/network securitysecurity assessmentvulnerability analysisattack graph |
| spellingShingle | MAN Da-peng1 ZHOU Yuan2 YANG Wu1 YANG Yong-tian1 Method to generate attack graphs for assessing the overall security of networks Tongxin xuebao network security security assessment vulnerability analysis attack graph |
| title | Method to generate attack graphs for assessing the overall security of networks |
| title_full | Method to generate attack graphs for assessing the overall security of networks |
| title_fullStr | Method to generate attack graphs for assessing the overall security of networks |
| title_full_unstemmed | Method to generate attack graphs for assessing the overall security of networks |
| title_short | Method to generate attack graphs for assessing the overall security of networks |
| title_sort | method to generate attack graphs for assessing the overall security of networks |
| topic | network security security assessment vulnerability analysis attack graph |
| url | http://www.joconline.com.cn/zh/article/74652904/ |
| work_keys_str_mv | AT mandapeng1 methodtogenerateattackgraphsforassessingtheoverallsecurityofnetworks AT zhouyuan2 methodtogenerateattackgraphsforassessingtheoverallsecurityofnetworks AT yangwu1 methodtogenerateattackgraphsforassessingtheoverallsecurityofnetworks AT yangyongtian1 methodtogenerateattackgraphsforassessingtheoverallsecurityofnetworks |