Network security assessment based on full host-based attack graph

Abstract

Network security assessment is an important method of evaluating network security. The existing researches of network security assessment have the problem that the method is not comprehensive and accurate. In order to solve this problem, we proposed a method of network security assessment based on a full host-based attack graph from the point and plane perspective. This method constructed a full host-based attack graph model, and proposed a splitting algorithm for weakly connected components of the full host-based attack graph. The algorithm is used to evaluate the network security from the plane perspective. Meanwhile, based on the full host-based attack graph and the theory of degree centrality and betweenness centrality, the key nodes in the network are evaluated. Therefore, this method accomplished the comprehensive and accurate security measurement of the network. The experimental results showed the effectiveness of the method.