Skip to main content

2013 | OriginalPaper | Buchkapitel

Research on Attack Graph Generation for Network Security Situation

verfasst von : Yanbo Wang, Huiqiang Wang, Chao Zhao, Yushu Zhang, Ming Yu

Erschienen in: Proceedings of The Eighth International Conference on Bio-Inspired Computing: Theories and Applications (BIC-TA), 2013

Verlag: Springer Berlin Heidelberg

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Attack graph generation method based on network security situation is presented. Attack graph technique bases attack graph on the target network and the attack model. Generally, attack path is shown that the attacker uses vulnerability of target network to carry out network attack by graph structure. Attribute attack graph generation method based on breadth-first is put forward, which during the process of the attack graph generation solve the problem of circle path and combination explosion, the different scale of simulation experiment shows that the research results can found in time and make up for security problems existing in the network system, effectively improve the survivability of the network system, so as to improve the ability that network system deals with all kinds of sudden attack.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
1.
Zurück zum Zitat Noel S, Jajodia S (2008) Optimal IDS sensor placement and alert prioritization using attack graphs. J Network Syst Manage 3(16):259–275CrossRef Noel S, Jajodia S (2008) Optimal IDS sensor placement and alert prioritization using attack graphs. J Network Syst Manage 3(16):259–275CrossRef
2.
Zurück zum Zitat Lippmann RP, Ingols KW (2005) An annotated review of past papers on attack graphs. Technical Report, ESC-TR-2005-054, MIT Lincoln Laboratory Lippmann RP, Ingols KW (2005) An annotated review of past papers on attack graphs. Technical Report, ESC-TR-2005-054, MIT Lincoln Laboratory
3.
Zurück zum Zitat Jha S, Sheyner O, Wing J (2002) Two formal analyses of attack graphs. In: The l5th IEEE computer security foundations workshop. IEEE Computer Society, Cape Breton, pp 49–63 Jha S, Sheyner O, Wing J (2002) Two formal analyses of attack graphs. In: The l5th IEEE computer security foundations workshop. IEEE Computer Society, Cape Breton, pp 49–63
4.
Zurück zum Zitat Ammann P, Wijesekera D, Kaushik S (2002) Scalable, graph-based network vulnerability analysis. In: The 9th ACM conference on computer and communications security. ACM Press, New York, pp 217–224 Ammann P, Wijesekera D, Kaushik S (2002) Scalable, graph-based network vulnerability analysis. In: The 9th ACM conference on computer and communications security. ACM Press, New York, pp 217–224
5.
Zurück zum Zitat Wang L, Noel S, Jajodia S (2006) Minimum-cost network hardening using attack graphs. Comput Commun 29(18):812–824CrossRef Wang L, Noel S, Jajodia S (2006) Minimum-cost network hardening using attack graphs. Comput Commun 29(18):812–824CrossRef
6.
Zurück zum Zitat Sheyner OM (2004) Scenario graphs and attack graphs. Carnegie Mellon University Sheyner OM (2004) Scenario graphs and attack graphs. Carnegie Mellon University
7.
Zurück zum Zitat Ou X, Boyer WF, McQueen MA (2006) A scalable approach to attack graph generation. In: Proceedings of the 13th ACM conference on computer and communications security, pp 336–345 Ou X, Boyer WF, McQueen MA (2006) A scalable approach to attack graph generation. In: Proceedings of the 13th ACM conference on computer and communications security, pp 336–345
8.
Zurück zum Zitat Ou X (2005) A logic-programming approach to network security analysis. Princeton University, Princeton Ou X (2005) A logic-programming approach to network security analysis. Princeton University, Princeton
9.
Zurück zum Zitat Noel S, Robertson E, Jajodia S (2004) Correlating intrusion events and building attack scenarios through attack graph distances. In: Proceedings of the 20th annual computer security applications conference, vol 12. Tucson, AZ, USA, pp 350–359 Noel S, Robertson E, Jajodia S (2004) Correlating intrusion events and building attack scenarios through attack graph distances. In: Proceedings of the 20th annual computer security applications conference, vol 12. Tucson, AZ, USA, pp 350–359
10.
Zurück zum Zitat Swiler LP, Philips C, Gaylor T (1988) A graph-based network-vulnerability analysis system. Technical Report. SANDIA Report No. SAND 97-3010/1 Swiler LP, Philips C, Gaylor T (1988) A graph-based network-vulnerability analysis system. Technical Report. SANDIA Report No. SAND 97-3010/1
11.
Zurück zum Zitat Qin X, Lee W (2004) Attack plan recognition and prediction using causal networks. In: Proceedings of international conference on computer security applications, Atlanta, USA, pp 370–379 Qin X, Lee W (2004) Attack plan recognition and prediction using causal networks. In: Proceedings of international conference on computer security applications, Atlanta, USA, pp 370–379
Metadaten
Titel
Research on Attack Graph Generation for Network Security Situation
verfasst von
Yanbo Wang
Huiqiang Wang
Chao Zhao
Yushu Zhang
Ming Yu
Copyright-Jahr
2013
Verlag
Springer Berlin Heidelberg
DOI
https://doi.org/10.1007/978-3-642-37502-6_134