Network security analysis method taking into account the usage information (poster abstract)

Authors:
Wu Jinyu;Yin Lihua;Fang Binxing
Affiliations:
Beijing University of Posts and Telecommunications, Beijing, Chinnstitute of Information Engineering, Chinese Academy of Sciences, Beijing, China;Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China;Beijing University of Posts and Telecommunications, Beijing, China
Venue:
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Year:
2012

Citing 2
Cited 0

Two Formal Analys s of Attack Graphs

CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A scalable approach to attack graph generation

Proceedings of the 13th ACM conference on Computer and communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Existing network security analysis methods such as using tools like attack graphs or attack trees to compute risk probabilities did not consider the concrete running environment of the target network, which may make the obtained results deviate from the true situation. In this paper, we propose a network security analysis method taking into account the usage information of the target network. We design usage sensors in each host to get the usage information in the network. Combining with attack graph generation tool which gets all the vulnerabilities in the network in the graph form, we evaluation the network using the usage information and the vulnerabilities information, and get more accurate evaluation results.