An Atomic-Domains-Based Approach for Attack Graph Generation
نویسندگان
چکیده
Attack graph is an integral part of modeling the overview of network security. System administrators use attack graphs to determine how vulnerable their systems are and to determine what security measures to deploy to defend their systems. Previous methods on AGG(attack graphs generation) are aiming at the whole network, which makes the process of AGG complex and non-scalable. In this paper, we propose a new approach which is simple and scalable to AGG by decomposing the whole network into atomic domains. Each atomic domain represents a host with a specific privilege. Then the process for AGG is achieved by communications among all the atomic domains. Our approach simplifies the process of design for the whole network, and can gives the attack graphs including each attack path for each host, and when the network changes we just carry on the operations of corresponding atomic domains which makes the process of AGG scalable. Keywords—atomic domain,vulnerability, attack graphs, generation, computer security
منابع مشابه
Real-Time intrusion detection alert correlation and attack scenario extraction based on the prerequisite consequence approach
Alert correlation systems attempt to discover the relations among alerts produced by one or more intrusion detection systems to determine the attack scenarios and their main motivations. In this paper a new IDS alert correlation method is proposed that can be used to detect attack scenarios in real-time. The proposed method is based on a causal approach due to the strength of causal methods in ...
متن کاملAn Optimal Approach to Local and Global Text Coherence Evaluation Combining Entity-based, Graph-based and Entropy-based Approaches
Text coherence evaluation becomes a vital and lovely task in Natural Language Processing subfields, such as text summarization, question answering, text generation and machine translation. Existing methods like entity-based and graph-based models are engaging with nouns and noun phrases change role in sequential sentences within short part of a text. They even have limitations in global coheren...
متن کاملOn the computational complexity of finding a minimal basis for the guess and determine attack
Guess-and-determine attack is one of the general attacks on stream ciphers. It is a common cryptanalysis tool for evaluating security of stream ciphers. The effectiveness of this attack is based on the number of unknown bits which will be guessed by the attacker to break the cryptosystem. In this work, we present a relation between the minimum numbers of the guessed bits and uniquely restricted...
متن کاملAn Ant Colony Optimization Algorithm for Network Vulnerability Analysis
Intruders often combine exploits against multiple vulnerabilities in order to break into the system. Each attack scenario is a sequence of exploits launched by an intruder that leads to an undesirable state such as access to a database, service disruption, etc. The collection of possible attack scenarios in a computer network can be represented by a directed graph, called network attack gra...
متن کاملADAPTIVE ORDERED WEIGHTED AVERAGING FOR ANOMALY DETECTION IN CLUSTER-BASED MOBILE AD HOC NETWORKS
In this paper, an anomaly detection method in cluster-based mobile ad hoc networks with ad hoc on demand distance vector (AODV) routing protocol is proposed. In the method, the required features for describing the normal behavior of AODV are defined via step by step analysis of AODV and independent of any attack. In order to learn the normal behavior of AODV, a fuzzy averaging method is used fo...
متن کامل