Research on network risk assessment based on attack graph of expected benefits-rate
Main Authors: | Wenfu LIU, Jianmin PANG, Xin ZHOU, Nan LI, Feng YUE |
---|---|
Format: | Article |
Language: | English |
Published: | POSTS&TELECOM PRESS Co., LTD, 2022-08-01 |
Series: | 网络与信息安全学报 |
Subjects: | attack graph; risk assessment; attack path; expected benefits-rate; attack graph of benefits-rate |
Online Access: | http://www.infocomm-journal.com/cjnis/CN/10.11959/j.issn.2096-109x.2022047 |
_version_ | 1811271899880095744 |
---|---|
author | Wenfu LIU, Jianmin PANG, Xin ZHOU, Nan LI, Feng YUE |
author_facet | Wenfu LIU, Jianmin PANG, Xin ZHOU, Nan LI, Feng YUE |
author_sort | Wenfu LIU |
collection | DOAJ |
description | As Internet applications and services become more and more extensive, the endless stream of network attacks poses great risks and challenges to the security of information systems. As a model-based network security risk analysis technology, the attack graph helps to find the vulnerabilities between network nodes and the harm of being attacked, and it has been proved to be an effective method for finding and preventing network security risks. Attack graphs are mainly divided into state-based attack graphs and attribute-based attack graphs. Because of the state explosion problem in state-based attack graphs, most researchers prefer the attribute-based attack graph for network risk assessment. Existing research on attribute-based attack graphs relies excessively on the vulnerabilities of network nodes and the essential attributes of atomic attacks, but ignores that rational attackers usually choose specific attack paths by maximizing attack benefits. Therefore, a network risk assessment framework and a quantification method for the attack benefits-rate based on an expected benefits-rate attack graph were proposed. The network risk assessment framework took the open vulnerability resource database, the new vulnerabilities found by the vulnerability mining system and the big data related to network attack and defense as its basic data source, and took the open source big data platform as the analysis tool to mine and calculate the elements related to attack cost and attack benefit. Using the concepts of cost, benefit and benefit-rate from economics, the calculation model of the expected benefit-rate of an atomic attack was constructed. By constructing the attribute-based attack graph of the target network, the expected benefit-rate of each atomic attack on the attack path was calculated, and the expected benefit-rate list of all possible attack paths was generated. Furthermore, taking the expected goal as the starting point, the search was carried out according to the specific optimization strategy (backtracking method, greedy algorithm, dynamic programming), and the complete attack path with the maximum benefit-rate was obtained, which provided the basis for network risk assessment. The simulation results show the effectiveness and rationality of the proposed expected benefit-rate attack graph network risk assessment method, which can provide support for discovering and preventing network security problems. |
first_indexed | 2024-04-12T22:29:23Z |
format | Article |
id | doaj.art-5168daec08454e268fd51c6796c100b6 |
institution | Directory Open Access Journal |
issn | 2096-109X |
language | English |
last_indexed | 2024-04-12T22:29:23Z |
publishDate | 2022-08-01 |
publisher | POSTS&TELECOM PRESS Co., LTD |
record_format | Article |
series | 网络与信息安全学报 |
spelling | doaj.art-5168daec08454e268fd51c6796c100b6; 2022-12-22T03:14:01Z; eng; POSTS&TELECOM PRESS Co., LTD; 网络与信息安全学报; 2096-109X; 2022-08-01; 848797; 10.11959/j.issn.2096-109x.2022047; Research on network risk assessment based on attack graph of expected benefits-rate; Wenfu LIU [0]; Jianmin PANG, Xin ZHOU, Nan LI, Feng YUE [1]; [0] Information Engineering University, Zhengzhou 450001, China; State Key Laboratory of Complex Electromagnetic Environment Effects on Electronics and Information System, Luoyang 471003, China; [1] Information Engineering University, Zhengzhou 450001, China; http://www.infocomm-journal.com/cjnis/CN/10.11959/j.issn.2096-109x.2022047; attack graph; risk assessment; attack path; expected benefits-rate; attack graph of benefits-rate |
spellingShingle | Wenfu LIU, Jianmin PANG, Xin ZHOU, Nan LI, Feng YUE; Research on network risk assessment based on attack graph of expected benefits-rate; 网络与信息安全学报; attack graph; risk assessment; attack path; expected benefits-rate; attack graph of benefits-rate |
title | Research on network risk assessment based on attack graph of expected benefits-rate |
title_full | Research on network risk assessment based on attack graph of expected benefits-rate |
title_fullStr | Research on network risk assessment based on attack graph of expected benefits-rate |
title_full_unstemmed | Research on network risk assessment based on attack graph of expected benefits-rate |
title_short | Research on network risk assessment based on attack graph of expected benefits-rate |
title_sort | research on network risk assessment based on attack graph of expected benefits rate |
topic | attack graph; risk assessment; attack path; expected benefits-rate; attack graph of benefits-rate |
url | http://www.infocomm-journal.com/cjnis/CN/10.11959/j.issn.2096-109x.2022047 |
work_keys_str_mv | AT wenfuliu researchonnetworkriskassessmentbasedonattackgraphofexpectedbenefitsrate AT jianminpangxinzhounanlifengyue researchonnetworkriskassessmentbasedonattackgraphofexpectedbenefitsrate |