Host security assessment method based on attack graph
In order to solve the problems of inaccurate calculation of host security value and ignoring host correlation in attack graph, a host security assessment method based on attack graph was proposed.First, the host attack graph was generated to quantify the atomic attack probability and the attack prob...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2022-02-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2022030/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841540008217935872 |
|---|---|
| author | Hongyu YANG Haihang YUAN Liang ZHANG |
| author_facet | Hongyu YANG Haihang YUAN Liang ZHANG |
| author_sort | Hongyu YANG |
| collection | DOAJ |
| description | In order to solve the problems of inaccurate calculation of host security value and ignoring host correlation in attack graph, a host security assessment method based on attack graph was proposed.First, the host attack graph was generated to quantify the atomic attack probability and the attack probability of the host was calculated from four perspectives, such as vulnerability itself, time, environment and operational system availability.Then, the host assets importance was calculated according to expert transcendental evaluation and correlation weighting method, and the topology importance of host was calculated according to the association relationship between hosts in attack graph.Finally, the host security value was calculated according to the impact value of host vulnerability, host importance and host attack probability.The experimental results show that the importance and security value of the proposed method accord with the real network situation and can reflect the security condition of the host more completely and accurately.The standard deviation of host safety value obtained by the proposed method is 0.078, which is larger than that obtained by other methods, indicating that the safety value obtained by the proposed method is more discrete and easier to distinguish the safety level from the subsequent risk disposal priority. |
| format | Article |
| id | doaj-art-ff03306d8a104c448cdf746382367b67 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2022-02-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-ff03306d8a104c448cdf746382367b672025-01-14T06:29:30ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2022-02-0143899959394276Host security assessment method based on attack graphHongyu YANGHaihang YUANLiang ZHANGIn order to solve the problems of inaccurate calculation of host security value and ignoring host correlation in attack graph, a host security assessment method based on attack graph was proposed.First, the host attack graph was generated to quantify the atomic attack probability and the attack probability of the host was calculated from four perspectives, such as vulnerability itself, time, environment and operational system availability.Then, the host assets importance was calculated according to expert transcendental evaluation and correlation weighting method, and the topology importance of host was calculated according to the association relationship between hosts in attack graph.Finally, the host security value was calculated according to the impact value of host vulnerability, host importance and host attack probability.The experimental results show that the importance and security value of the proposed method accord with the real network situation and can reflect the security condition of the host more completely and accurately.The standard deviation of host safety value obtained by the proposed method is 0.078, which is larger than that obtained by other methods, indicating that the safety value obtained by the proposed method is more discrete and easier to distinguish the safety level from the subsequent risk disposal priority.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2022030/host securityattack graphatomic attack probabilityasset importancetopology importancesecurity assessment |
| spellingShingle | Hongyu YANG Haihang YUAN Liang ZHANG Host security assessment method based on attack graph Tongxin xuebao host security attack graph atomic attack probability asset importance topology importance security assessment |
| title | Host security assessment method based on attack graph |
| title_full | Host security assessment method based on attack graph |
| title_fullStr | Host security assessment method based on attack graph |
| title_full_unstemmed | Host security assessment method based on attack graph |
| title_short | Host security assessment method based on attack graph |
| title_sort | host security assessment method based on attack graph |
| topic | host security attack graph atomic attack probability asset importance topology importance security assessment |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2022030/ |
| work_keys_str_mv | AT hongyuyang hostsecurityassessmentmethodbasedonattackgraph AT haihangyuan hostsecurityassessmentmethodbasedonattackgraph AT liangzhang hostsecurityassessmentmethodbasedonattackgraph |