Show simple item record

dc.contributor.authorHamid, Thaier K.A.en_GB
dc.contributor.authorMaple, Carstenen_GB
dc.date.accessioned2013-03-01T09:47:58Z
dc.date.available2013-03-01T09:47:58Z
dc.date.issued2011
dc.identifier.citationHamid, T. and Maple, C. (2011) 'A Graph theoretical approach to Network Vulnerability Analysis and Countermeasures', International Journal of Computer Applications, 1, pp.13-18en_GB
dc.identifier.doi10.5120/4320-007
dc.identifier.urihttp://hdl.handle.net/10547/270777
dc.description.abstractComputer networks are certainly vulnerable as long as they deliver services from different machines. An attack graph is a security model representing the chains of vulnerability exploits in a network displays the ways an attacker can compromise a network or host. A number of researchers have admitted attack graph visual complications and a large amount of source data must be assembled to accurately build an attack graph, the difficulty scaling to large, enterprise-size networks with tens of thousands of hosts and the lack comprehensive understanding. Information on vulnerabilities is present in public vulnerability databases, such as the National Vulnerability Database and Nessus. But current attack graph tools are reserved to only limited attributes. The automatic formation of vulnerability information has been troublesome and vulnerability descriptions were created by hand or based on limited information. Much vulnerability has still not been discov-ered and many others without patches or solutions Our approach to developing a cost metric exploits the Markov’s model using combinations well known vulnerabilities (the Common Vulnerability Scoring System, CVSS) and Risk Assessment Values (RAV) and using ranking algorithms (similar to V. Mehta et al. 2006 and kijsanayothin, 2010) but instead of using vulnerabilities. For each host we have developed a cost rank Markov’s model reducing the complexity in the attack graph, representing the network topology and dipping the problem of visibility.
dc.language.isoenen
dc.publisherFoundation of Computer Science, New York, USAen_GB
dc.relation.urlhttp://www.ijcaonline.org/specialissues/nsc/number1/4320-spe007ten_GB
dc.subjectranking attack graphen_GB
dc.subjectnetwork securityen_GB
dc.subjectsecurity metricsen_GB
dc.titleA Graph theoretical approach to Network Vulnerability Analysis and Countermeasuresen
dc.typeArticleen
dc.identifier.journalIJCA Special Issue on Network Security and Cryptography NSCen_GB
html.description.abstractComputer networks are certainly vulnerable as long as they deliver services from different machines. An attack graph is a security model representing the chains of vulnerability exploits in a network displays the ways an attacker can compromise a network or host. A number of researchers have admitted attack graph visual complications and a large amount of source data must be assembled to accurately build an attack graph, the difficulty scaling to large, enterprise-size networks with tens of thousands of hosts and the lack comprehensive understanding. Information on vulnerabilities is present in public vulnerability databases, such as the National Vulnerability Database and Nessus. But current attack graph tools are reserved to only limited attributes. The automatic formation of vulnerability information has been troublesome and vulnerability descriptions were created by hand or based on limited information. Much vulnerability has still not been discov-ered and many others without patches or solutions Our approach to developing a cost metric exploits the Markov’s model using combinations well known vulnerabilities (the Common Vulnerability Scoring System, CVSS) and Risk Assessment Values (RAV) and using ranking algorithms (similar to V. Mehta et al. 2006 and kijsanayothin, 2010) but instead of using vulnerabilities. For each host we have developed a cost rank Markov’s model reducing the complexity in the attack graph, representing the network topology and dipping the problem of visibility.


This item appears in the following Collection(s)

Show simple item record