2.50
Hdl Handle:
http://hdl.handle.net/10547/270777
Title:
A Graph theoretical approach to Network Vulnerability Analysis and Countermeasures
Authors:
Hamid, Thaier; Maple, Carsten
Abstract:
Computer networks are certainly vulnerable as long as they deliver services from different machines. An attack graph is a security model representing the chains of vulnerability exploits in a network displays the ways an attacker can compromise a network or host. A number of researchers have admitted attack graph visual complications and a large amount of source data must be assembled to accurately build an attack graph, the difficulty scaling to large, enterprise-size networks with tens of thousands of hosts and the lack comprehensive understanding. Information on vulnerabilities is present in public vulnerability databases, such as the National Vulnerability Database and Nessus. But current attack graph tools are reserved to only limited attributes. The automatic formation of vulnerability information has been troublesome and vulnerability descriptions were created by hand or based on limited information. Much vulnerability has still not been discov-ered and many others without patches or solutions Our approach to developing a cost metric exploits the Markov’s model using combinations well known vulnerabilities (the Common Vulnerability Scoring System, CVSS) and Risk Assessment Values (RAV) and using ranking algorithms (similar to V. Mehta et al. 2006 and kijsanayothin, 2010) but instead of using vulnerabilities. For each host we have developed a cost rank Markov’s model reducing the complexity in the attack graph, representing the network topology and dipping the problem of visibility.
Citation:
Hamid, T. and Maple, C. (2011) 'A Graph theoretical approach to Network Vulnerability Analysis and Countermeasures', International Journal of Computer Applications, 1, pp.13-18
Publisher:
Foundation of Computer Science, New York, USA
Journal:
IJCA Special Issue on Network Security and Cryptography NSC
Issue Date:
2011
URI:
http://hdl.handle.net/10547/270777
DOI:
10.5120/4320-007
Additional Links:
http://www.ijcaonline.org/specialissues/nsc/number1/4320-spe007t
Type:
Article
Language:
en
Appears in Collections:
Centre for Research in Distributed Technologies (CREDIT)

Full metadata record

DC FieldValue Language
dc.contributor.authorHamid, Thaieren_GB
dc.contributor.authorMaple, Carstenen_GB
dc.date.accessioned2013-03-01T09:47:58Z-
dc.date.available2013-03-01T09:47:58Z-
dc.date.issued2011-
dc.identifier.citationHamid, T. and Maple, C. (2011) 'A Graph theoretical approach to Network Vulnerability Analysis and Countermeasures', International Journal of Computer Applications, 1, pp.13-18en_GB
dc.identifier.doi10.5120/4320-007-
dc.identifier.urihttp://hdl.handle.net/10547/270777-
dc.description.abstractComputer networks are certainly vulnerable as long as they deliver services from different machines. An attack graph is a security model representing the chains of vulnerability exploits in a network displays the ways an attacker can compromise a network or host. A number of researchers have admitted attack graph visual complications and a large amount of source data must be assembled to accurately build an attack graph, the difficulty scaling to large, enterprise-size networks with tens of thousands of hosts and the lack comprehensive understanding. Information on vulnerabilities is present in public vulnerability databases, such as the National Vulnerability Database and Nessus. But current attack graph tools are reserved to only limited attributes. The automatic formation of vulnerability information has been troublesome and vulnerability descriptions were created by hand or based on limited information. Much vulnerability has still not been discov-ered and many others without patches or solutions Our approach to developing a cost metric exploits the Markov’s model using combinations well known vulnerabilities (the Common Vulnerability Scoring System, CVSS) and Risk Assessment Values (RAV) and using ranking algorithms (similar to V. Mehta et al. 2006 and kijsanayothin, 2010) but instead of using vulnerabilities. For each host we have developed a cost rank Markov’s model reducing the complexity in the attack graph, representing the network topology and dipping the problem of visibility.en_GB
dc.language.isoenen
dc.publisherFoundation of Computer Science, New York, USAen_GB
dc.relation.urlhttp://www.ijcaonline.org/specialissues/nsc/number1/4320-spe007ten_GB
dc.subjectranking attack graphen_GB
dc.subjectnetwork securityen_GB
dc.subjectsecurity metricsen_GB
dc.titleA Graph theoretical approach to Network Vulnerability Analysis and Countermeasuresen
dc.typeArticleen
dc.identifier.journalIJCA Special Issue on Network Security and Cryptography NSCen_GB
All Items in UOBREP are protected by copyright, with all rights reserved, unless otherwise indicated.