Risk assessment method for network attack surface based on Bayesian attack graph
Aiming at the lack of objective risk assessment for the network attack surface on moving target defense,in order to realize the security risk assessment for the network system,and calculate the potential attack paths,a risk assessment method for network attack surface based on Bayesian attack graph...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2018-06-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2018053 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841530127751577600 |
|---|---|
| author | Yuyang ZHOU Guang CHENG Chunsheng GUO |
| author_facet | Yuyang ZHOU Guang CHENG Chunsheng GUO |
| author_sort | Yuyang ZHOU |
| collection | DOAJ |
| description | Aiming at the lack of objective risk assessment for the network attack surface on moving target defense,in order to realize the security risk assessment for the network system,and calculate the potential attack paths,a risk assessment method for network attack surface based on Bayesian attack graph was proposed.The network system resources,vulnerability and dependencies between them were used to establish Bayesian attack graph.Considering dependencies between nodes,the correlation between the resource and the influence of attacks on the attack path,the probability of each state that attackers can reach and the maximum probability attack path can be inferred.The experimental results prove the feasibility and effectiveness of the proposed network attack surface risk assessment method,which can provide a good support for the selection of dynamic defensive measures of attack surface. |
| format | Article |
| id | doaj-art-509dfaaf47064fc68c0eba5ddd49892a |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2018-06-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-509dfaaf47064fc68c0eba5ddd49892a2025-01-15T03:12:51ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2018-06-014112259553523Risk assessment method for network attack surface based on Bayesian attack graphYuyang ZHOUGuang CHENGChunsheng GUOAiming at the lack of objective risk assessment for the network attack surface on moving target defense,in order to realize the security risk assessment for the network system,and calculate the potential attack paths,a risk assessment method for network attack surface based on Bayesian attack graph was proposed.The network system resources,vulnerability and dependencies between them were used to establish Bayesian attack graph.Considering dependencies between nodes,the correlation between the resource and the influence of attacks on the attack path,the probability of each state that attackers can reach and the maximum probability attack path can be inferred.The experimental results prove the feasibility and effectiveness of the proposed network attack surface risk assessment method,which can provide a good support for the selection of dynamic defensive measures of attack surface.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2018053moving target defensesecurity risk assessmentBayesian attack graphattack surfaceattack path |
| spellingShingle | Yuyang ZHOU Guang CHENG Chunsheng GUO Risk assessment method for network attack surface based on Bayesian attack graph 网络与信息安全学报 moving target defense security risk assessment Bayesian attack graph attack surface attack path |
| title | Risk assessment method for network attack surface based on Bayesian attack graph |
| title_full | Risk assessment method for network attack surface based on Bayesian attack graph |
| title_fullStr | Risk assessment method for network attack surface based on Bayesian attack graph |
| title_full_unstemmed | Risk assessment method for network attack surface based on Bayesian attack graph |
| title_short | Risk assessment method for network attack surface based on Bayesian attack graph |
| title_sort | risk assessment method for network attack surface based on bayesian attack graph |
| topic | moving target defense security risk assessment Bayesian attack graph attack surface attack path |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2018053 |
| work_keys_str_mv | AT yuyangzhou riskassessmentmethodfornetworkattacksurfacebasedonbayesianattackgraph AT guangcheng riskassessmentmethodfornetworkattacksurfacebasedonbayesianattackgraph AT chunshengguo riskassessmentmethodfornetworkattacksurfacebasedonbayesianattackgraph |