کد مقاله | کد نشریه | سال انتشار | مقاله انگلیسی | نسخه تمام متن |
---|---|---|---|---|
6884342 | 695293 | 2013 | 12 صفحه PDF | دانلود رایگان |
عنوان انگلیسی مقاله ISI
Exploring attack graph for cost-benefit security hardening: A probabilistic approach
ترجمه فارسی عنوان
بررسی گراف حمله برای تقویت هزینه های سود: یک روش احتمالاتی
دانلود مقاله + سفارش ترجمه
دانلود مقاله ISI انگلیسی
رایگان برای ایرانیان
کلمات کلیدی
مدیریت امنیت، تجزیه و تحلیل آسیب پذیری، ارزیابی ریسک، گراف حمله سخت شدن سخت افزار، معیارهای امنیتی،
موضوعات مرتبط
مهندسی و علوم پایه
مهندسی کامپیوتر
شبکه های کامپیوتری و ارتباطات
چکیده انگلیسی
The increasing complexity of today's computer systems, together with the rapid emergence of novel vulnerabilities, make security hardening a formidable challenge for security administrators. Although a large variety of tools and techniques are available for vulnerability analysis, the majority work at system or network level without explicit association with human and organizational factors. This article presents a middleware approach to bridge the gap between system-level vulnerabilities and organization-level security metrics, ultimately contributing to cost-benefit security hardening. In particular, our approach systematically integrates attack graph, a commonly used effective approach to representing and analyzing network vulnerabilities, and Hidden Markov Model (HMM) together, for exploring the probabilistic relation between system observations and states. More specifically, we modify and apply dependency attack graph to represent network assets and vulnerabilities (observations), which are then fed to HMM for estimating attack states, whereas their transitions are driven by a set of predefined cost factors associated with potential attacks and countermeasures. A heuristic searching algorithm is employed to automatically infer the optimal security hardening through cost-benefit analysis. We use a synthetic network scenario to illustrate our approach and evaluate its performance through a set of simulations.
ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Computers & Security - Volume 32, February 2013, Pages 158-169
Journal: Computers & Security - Volume 32, February 2013, Pages 158-169
نویسندگان
Shuzhen Wang, Zonghua Zhang, Youki Kadobayashi,