A graph-based system for network-vulnerability analysis
Proceedings of the 1998 workshop on New security paradigms
Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
Representing TCP/IP Connectivity For Topological Analysis of Network Security
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
How to Systematically Classify Computer Security Intrusions
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Using Model Checking to Analyze Network Vulnerabilities
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
| Hi-index | 0.00 |
Recently in-depth analysis of network security vulnerability must consider attacker exploits not just in isolation, but also in combination. The general approach to this problem is to compute attack graphs using a variety of graph-based algorithms. However, such methods generally suffer the exponential state space problem. Therefore, this paper brings forward two conceptions of vulnerability correlation matrix and vulnerability correlation graph (VCG). An algorithm based on vulnerability correlation matrix was proposed to generate VCGs. An example was given to illustrate the application and effect of the algorithm in network security analysis. Deep analysis proves that VCGs have polynomial complexity of the number of network vulnerabilities and scale well for large networks. Moreover, the example shows that VCGs are a good help to and convenient for network security management.