Genetic Algorithm and Bayesian Attack Graph for Security Risk Analysis and Mitigation P.prakash
نویسندگان
چکیده
Risk assessment determines threats to critical resources and the corresponding loss expectancy.Bayesian network is used to model potential attack paths in a system. Knowledge of attackers and attack mechanisms are used to fetch the subset of attack paths. Security risk assessment and mitigation are two vital processes. Models such as attack graphs and attack trees are used to assess the cause-consequence relationships between various network states. Different decision problems are considered to identify the minimum-cost hardening measures. Common Vulnerability Scoring System (CVSS) is used to estimate thesecurity risk and vulnerability levels. Genetic algorithm is used to select solutions for risk mitigation stage.The system performs static and dynamic analysis of risks in networked systems. Single objective and multi objective optimization models are used for solution selection process. The Single Objective Optimization Problem (SOOP) and Multi Objective Optimization Problem (MOOP) solution are prepared with minimum time complexity.
منابع مشابه
A particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs
To prevent an exploit, the security analyst must implement a suitable countermeasure. In this paper, we consider cost-sensitive attack graphs (CAGs) for network vulnerability analysis. In these attack graphs, a weight is assigned to each countermeasure to represent the cost of its implementation. There may be multiple countermeasures with different weights for preventing a single exploit. Also,...
متن کاملBayesian Attack Graphs for Security Risk Assessment
Attack graphs offer a powerful framework for security risk assessment. They provide a compact representation of the attack paths that an attacker can follow to compromise network resources from the analysis of the network topology and vulnerabilities. The uncertainty about the attacker’s behaviour makes Bayesian networks suitable to model attack graphs to perform static and dynamic security ris...
متن کاملAn Ant Colony Optimization Algorithm for Network Vulnerability Analysis
Intruders often combine exploits against multiple vulnerabilities in order to break into the system. Each attack scenario is a sequence of exploits launched by an intruder that leads to an undesirable state such as access to a database, service disruption, etc. The collection of possible attack scenarios in a computer network can be represented by a directed graph, called network attack gra...
متن کاملA collusion mitigation scheme for reputation systems
Reputation management systems are in wide-spread use to regulate collaborations in cooperative systems. Collusion is one of the most destructive malicious behaviors in which colluders seek to affect a reputation management system in an unfair manner. Many reputation systems are vulnerable to collusion, and some model-specific mitigation methods are proposed to combat collusion. Detection of col...
متن کاملA New Method for Intrusion Detection Using Genetic Algorithm and Neural network
Abstract— In order to provide complete security in a computer system and to prevent intrusion, intrusion detection systems (IDS) are required to detect if an attacker crosses the firewall, antivirus, and other security devices. Data and options to deal with it. In this paper, we are trying to provide a model for combining types of attacks on public data using combined methods of genetic algorit...
متن کامل