Knapsack problems: algorithms and computer implementations
Knapsack problems: algorithms and computer implementations
A graph-based system for network-vulnerability analysis
Proceedings of the 1998 workshop on New security paradigms
Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
Two Formal Analys s of Attack Graphs
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Efficient Minimum-Cost Network Hardening Via Exploit Dependency Graphs
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Managing attack graph complexity through visual hierarchical aggregation
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Evaluating information security investments using the analytic hierarchy process
Communications of the ACM - Medical image modeling
Multiple Coordinated Views for Network Attack Graphs
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Cluster Security Research Involving the Modeling of Network Exploitations Using Exploitation Graphs
CCGRID '06 Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid
A weakest-adversary security metric for network configuration security analysis
Proceedings of the 2nd ACM workshop on Quality of protection
Practical Attack Graph Generation for Network Defense
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
MulVAL: a logic-based network security analyzer
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Measuring the overall security of network configurations using attack graphs
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Validating and restoring defense in depth using attack graphs
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
Vulnerability Assessment: Assessment Of Vulnerability Scanners
Network Security
| Hi-index | 0.00 |
In order to safeguard an organization's networked assets, a network administrator must decide how to harden the network. To aid the decision-making process, network administrators may use attack graphs, which, through analysis, yield network hardening suggestions. A critical drawback of currently available analyses is the lack of consideration for the network administrator's defense budget. We overcome this shortcoming by modeling the problem of choosing security measures given a finite budget as a combinatorial optimization problem. We call this problem the Security Measures Choosing Problem (SMCP). Dynamic programming is used to provide optimal solutions.