Abstract

A network security metric may provide quantifiable evidence to assist security practitioners in securing computer networks. However, research on security metrics based on attack graph is not applicable to the characteristics of internal attack; therefore we propose an internal network security metric method based on attack probability. Our approach has the following benefits: it provides the method of attack graph simplification with monitoring event node which could solve the attack graph exponential growth with the network size, while undermining the disguise of internal attacks and improving the efficiency of the entire method; the method of attack probability calculation based on simplified attack graph can simplify the complexity of internal attacks and improve the accuracy of the approach.

Highlights

  • With the rapid development of network and information technology, the role of information system in enterprise becomes more and more important

  • According to the definition and analysis of internal attacks provided by Computer Emergency Response Team (CERT) [1], the internal attacks have the transparency to defense intercepts, such as access control or firewalls

  • We propose an internal network security metric method based on attack probability to solve the problem of the existing security metrics based on attack graph lacking the

Read more

Summary

Introduction

With the rapid development of network and information technology, the role of information system in enterprise becomes more and more important. It is necessary to build an effective security metric technology for the internal network. By studying some important codes, researchers take necessary precautions against possible errors and give patches of software, so as to improve the overall safety of software. These methods are effective, they are very abstract and not easy to implement, and the results are Security and Communication Networks relatively few. If we start from the known network security vulnerabilities, it is relatively easy, for example, all kinds of graph theory based model checking methods, such as attack graph. We proposed an internal network security metric method based on attack probability to solve the problem of the existing security metrics with attack graph for the internal network

Related Work
An Approach for Internal Network Security Metric Based on Attack Probability
Method:
F Delete the node
Experiment and Analysis
Conclusion
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Attack graph-based security metrics: Concept, taxonomy, challenges and open issues
Zaid J Al-Araji ... N Aldahan
BIO Web of Conferences | VOL. 97
Zaid J Al-Araji, et. al.Zaid J Al-Araji ... N Aldahan
01 Jan 2024
Refining CVSS-Based Network Security Metrics by Examining the Base Scores
Pengsu Cheng ... Sushil Jajodia
-
Pengsu Cheng, et. al.Pengsu Cheng ... Sushil Jajodia
01 Jan 2017
K-Zero Day Safety: A Network Security Metric for Measuring the Risk of Unknown Vulnerabilities
Sushil Jajodia ... Steven Noel
IEEE Transactions on Dependable and Secure Computing | VOL. 11
Sushil Jajodia, et. al.Sushil Jajodia ... Steven Noel
01 Jan 2014
Network Security Metrics: From Known Vulnerabilities to Zero Day Attacks
Lingyu Wang ... Anoop Singhal
-
Lingyu Wang, et. al.Lingyu Wang ... Anoop Singhal
01 Jan 2018
View more papers

More From: Security and Communication Networks

Paper Title
Journal
Date
Author
A Robust Coverless Image Steganography Algorithm Based on Image Retrieval with SURF Features
Fan Li ... Weipeng Qian
Security and Communication Networks | VOL. 2024
Fan Li, et. al.Fan Li ... Weipeng Qian
18 May 2024
Effective and Efficient Android Malware Detection and Category Classification Using the Enhanced KronoDroid Dataset
Mudassar Waheed ... Luigi Catuogno
Security and Communication Networks | VOL. 2024
Mudassar Waheed, et. al.Mudassar Waheed ... Luigi Catuogno
08 Apr 2024
Securing the Transmission While Enhancing the Reliability of Communication Using Network Coding in Block-Wise Transfer of CoAP
Shadab Alam ... Mohammed D Halloush
Security and Communication Networks | VOL. 2024
Shadab Alam, et. al.Shadab Alam ... Mohammed D Halloush
28 Mar 2024
Exploring the Security Vulnerability in Frequency-Hiding Order-Preserving Encryption
Jihye Yang ... Kee Sung Kim
Security and Communication Networks | VOL. 2024
Jihye Yang, et. al.Jihye Yang ... Kee Sung Kim
29 Feb 2024
View more papers