Abstract

Attacks that exploit vulnerabilities now occur frequently. Because of the information asymmetry between attackers and defenders, vulnerabilities can be divided into known and unknown. Existing research mainly focuses on the risk assessment of known vulnerabilities. However, unknown vulnerabilities are more threatening and harder to detect, so unknown vulnerability risk assessment deserves wider attention. Directed graph models are applied to vulnerability risk assessment to model the exploit process, and security metrics are used to quantify the exploitability of vulnerabilities. In this paper, related works on unknown vulnerability risk assessment based on directed graph models are divided into two types according to the data source of their nodes: one is based on network-level data, the other on system-level data. The former visualizes the network status, while the latter reflects the running process of the system. The concept and purpose of these directed graph models are given first. Then the models are analyzed from three aspects: advantages, flaws and solutions. After that, the challenges of unknown vulnerability risk assessment based on directed graph models, and their solutions, are given. Security metrics for unknown vulnerability risk assessment based on directed graph models are also summarized and classified. Finally, future work directions for unknown vulnerability risk assessment are discussed from the perspective of techniques and application trends. This paper thus fills the gap left by the lack of a current survey on unknown vulnerability risk assessment based on directed graph models.

Highlights

  • With the continuous expansion of network scale, current networks are characterized by a large number of nodes, complicated structure, diversified protocols and data enrichment

  • This model only focuses on remote access resources, and the availability and accuracy of inputs are required during the process of forming a resource graph

  • Directed graph models for unknown vulnerability risk assessment are formed by enumerating possible attack paths


Summary

INTRODUCTION

With the continuous expansion of network scale, current networks are characterized by a large number of nodes, complicated structure, diversified protocols and data enrichment. Because KVRA only focuses on known vulnerabilities, the major task of UVRA is to propose new directed graph models or improve existing models to simulate zero-day exploits. For unknown vulnerabilities, there is no existing standard to convert vulnerability scores. Another major task of UVRA is to propose new security metrics to quantify the exploitability of zero-day vulnerabilities. Vulnerability risk assessment based on directed graph models requires the quantification of nodes and paths. In this paper, related works on UVRA based on directed graph models are divided into two types according to the data source of their nodes. In Section II, a brief introduction to Unknown Vulnerability Risk Assessment (UVRA) based on the Directed Graph Model (DGM) is given.
