|
|
|
| Quantization Evaluation Algorithm for Attack Graph Based on Node Score |
| CHEN Qi-yun1, CHEN Xiu-zhen1, CHEN Yi-qun2, FAN Lei1 |
| (1. School of Information Security Engineering, Shanghai Jiaotong University, Shanghai 200240, China; 2. Unit 61398, Shanghai 200137, China) |
|
|
|
|
Abstract This paper proposes a quantization evaluation algorithm for attack graph based on node score named NSBRank, which is used to quantize the importance of all nodes in the attack graphs. It computes the initial ranks of all nodes, and works out the final ranks on the basis of the initial values, so that the relative importance between nodes is more clear, and the ability of response for network security is enhanced. Experimental results prove that NSBRank is more reasonable and effective.
|
|
|
|
|
|
|
|
| [1] Noel S, Jajodia S, O’Berry B, et al. Efficient Minimum-cost Network Hardening via Exploit Dependency Graphs[C]//Proc. of the 19th Annual Computer Security Applications Conference. Las Vegas, Nevada, USA: [s. n.], 2003.
[2] Ou Xinming, Boyer W F, McQueen M A. A Scalable Approach to Attack Graph Generation[C]//Proc. of the 13th ACM Conference on Computer and Communications Security. Alexandria, Virginia, USA: ACM Press, 2006.
[3] Sawilla R, Ou Xinming. Googling Attack Graphs[R]. Defence R & D Canada——Ottawa, Tech. Rep: TM 2007-205, 2007.
[4] Mell P, Scarfone K, Romanosky S. Common Vulnerability Scoring System[DB/OL]. [2009-10-11]. http://www.romanosky.net/pubs/ ieee-cvss-12-06.pdf.
[5] Bianchini M, Gori M, Scarselli F. Inside PageRank[J]. ACM Transactions on Internet Technology, 2005, 5(1): 92-128.
|
|
|
|
2010, Vol. 36 
