کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
6883871 1444208 2018 26 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
Empirical analysis of attack graphs for mitigating critical paths and vulnerabilities
ترجمه فارسی عنوان
تجزیه و تحلیل تجربی از نمودار های حمله برای کاهش مسیرهای بحرانی و آسیب پذیری
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر شبکه های کامپیوتری و ارتباطات
چکیده انگلیسی
The proliferated complexity of network size together with the expeditious development of software applications and their numerous vulnerabilities, security hardening is becoming a considerable challenge for security experts. Although various techniques were already present till date for security analysis, the majority of works focused on individual vulnerability analysis. Attackers do not necessarily compromise a single vulnerability on only one machine, but they can continue exploiting other vulnerabilities by using the resources of the compromised machine. Individual vulnerability analysis may not work well in such situations. This paper bridges the gap between chained vulnerabilities and their analysis. In this work, we have developed a methodology to prioritize individual vulnerability as well as attack paths. The existing CVSS score based scheme has been modified to calculate risk score of individual vulnerability considering all three metrics i.e. base metrics, temporal metrics and environmental metrics of CVSS in conjunction. Finally, Page rank model was used to prioritize attack paths. The results were verified by applying Markov model also. The results also show that the proposed methodology outperforms existing techniques in terms of risk analysis.
ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Computers & Security - Volume 77, August 2018, Pages 349-359
نویسندگان
, , ,