Abstract

With the rapid development of the Internet, network attacks often occur, and network security is widely concerned. Searching for practical security risk assessment methods is a research hotspot in the field of network security. Network attack graph model is an active detection technology for the attack path. From the perspective of the attacker, it simulated the whole network attack scenario and then presented the dependency among the vulnerabilities in the target network in the way of directed graph. It is an effective tool for analyzing network vulnerability. This paper describes in detail the common methods and tools of network security assessment and analyzes the construction of theoretical model of attack graph, the optimization technology of attack graph, and the research status of qualitative and quantitative analysis technology of attack graph in network security assessment. The attack graph generated in the face of large-scale network is too complex to find the key vulnerability nodes accurately and quickly. Optimizing the attack graph and solving the key attack set can help the security manager better understand the security state of the nodes in the network system, so as to strengthen the security defense ability and guarantee the security of the network system. For all kinds of loop phenomena of directed attribute attack graph, the general method of eliminating loop is given to get an acyclic attack graph. On the basis of acyclic attack graph, an optimization algorithm based on path complexity is proposed, which takes atomic attack distance and atomic weight into consideration, and on the basis of simplified attack graph, minimum-cost security reinforcement is carried out for the network environment. Based on the ant colony algorithm, the adaptive updating principle of changing pheromone and the local searching strategy of the adaptive genetic algorithm are proposed to improve the ant colony algorithm. The experimental results show that compared with the ant colony algorithm, the improved ant colony algorithm can speed up the process of solving the optimal solution. When the number of attack paths is large, the advantages of the improved ant colony algorithm in solving accuracy and late search speed are more obvious, and it is more suitable for large-scale networks.

Highlights

  • With the increasing number of hosts accessing the Internet, coupled with the complexity of various application hardware and software as well as various network protocols, some code loopholes will occur in the stage of design, development, deployment, and maintenance

  • Attribute attack graph is constructed with mature tools, which have been studied by predecessors, but the attack graph constructed in large-scale network has some problems such as low readability and unsatisfactory guidance for security managers

  • The problem of network security is due to the existence of vulnerability loopholes in the network system, which gives attackers an opportunity to take advantage of. erefore, in order to be able to develop better preventive measures in the network security protection system, we should start from the analysis of the vulnerability vulnerabilities in the network system. erefore, this paper focuses on the network security evaluation and analysis based on the attack graph model

Read more

Summary

Introduction

With the increasing number of hosts accessing the Internet, coupled with the complexity of various application hardware and software as well as various network protocols, some code loopholes will occur in the stage of design, development, deployment, and maintenance. E modelbased research method can show all possible attack paths in the form of graphs and carry out qualitative or quantitative analysis on the existing security problems, which is convenient for security managers to understand the security of the network environment [8,9,10,11,12]. It is an active network security defense measure. The following mainly introduces the research status of attack graph technology from the construction, optimization, and security analysis of attack graph [13,14,15]

Network Security Risk Assessment Based on Attack Graph
B Success potential A
Attack graph Related concepts are defined and construction techniques
Findings
Conclusion
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
A semantic approach to improving machine readability of a large-scale attack graph
Jooyoung Lee ... Youngseok Lee
The Journal of Supercomputing | VOL. 75
Jooyoung Lee, et. al.Jooyoung Lee ... Youngseok Lee
10 May 2018
Real-Time Risk Assessment of Network Security Based on Attack Graphs
Xiaochuan Yin ... Yibo Liu
-
Xiaochuan Yin, et. al.Xiaochuan Yin ... Yibo Liu
01 Jan 2013
Network Security Situation Assessment Methods and Tactics Based on Multivariate Spatiotemporal Attack Graph Model
Anshun Zhou ... Mingde Huo
-
Anshun Zhou, et. al.Anshun Zhou ... Mingde Huo
01 Dec 2021
A network attack path prediction method using attack graph
Xuguang Liu
Journal of Ambient Intelligence and Humanized Computing | VOL. -
Xuguang LiuXuguang Liu
11 Jun 2020
View more papers

More From: Scientific programming

Paper Title
Journal
Date
Author
Recognition of Hotspot Words for Disease Symptoms Incorporating Contextual Weight and Co-Occurrence Degree
Qingxue Liu ... Pengwei Wang
Scientific programming | VOL. 2024
Qingxue Liu, et. al.Qingxue Liu ... Pengwei Wang
05 Apr 2024
An Example of Modelica–LabVIEW Communication Usage to Implement Hardware-in-the-Loop Experiments
Massimo Ceraolo ... Cristian Mateos
Scientific programming | VOL. 2024
Massimo Ceraolo, et. al.Massimo Ceraolo ... Cristian Mateos
05 Feb 2024
Deep Neural Network-Based Cloth Collision Detection Algorithm
Yanxia Jin ... Roberto Natella
Scientific programming | VOL. 2024
Yanxia Jin, et. al.Yanxia Jin ... Roberto Natella
17 Jan 2024
-
-
Scientific programming | VOL. -
--
01 Jan 2024
View more papers