会议专题

A Systematic Model to Multi-Stage Network Attack Analysis

The typical means by which an attacker breaks into a network is through a chain of exploits, where each exploit in the chain lays the groundwork for subsequent exploits. Such a chain is called an attack path, and the set of all possible attack paths form an attack graph. Researchers have proposed a variety of methods to generate attack graphs. This paper presents a graph-based approach to network vulnerability analysis. The method is flexible, and it has following benefits: it generates a more intuitive attack graph which can be easily understood by administrator, and its algorithmic complexity is polynomial in the size of the network. Our attack graph not only contains vulnerabilities which belong to Privilege_ Escalation, but also deals with the other type of vulnerability such as DOS, XSS etc. In order to reduce the complexity of graph, we propose CAG (Constraint Attack Graph) which uses constraints to simplify the attack graph. And then we track all attack paths and compute critical vulnerabilities, hence, an analyst can make optimal choices when repairing the network.

attack graph attack path vulnerability analysis

ChengChen YongWang ShuYuanJin YongZhengZhang

Institute of Computing Technology Chinese Academy Sciences Beijing, China University of science and Institute of Computing Technology Chinese Academy Sciences Beijing, China

国际会议

2010 International Conference on Information Security and Artificial Intelligence(2010年信息安全与人工智能国际会议 ISAI 2010)

成都

英文

348-354

2010-12-17(万方平台首次上网日期,不代表论文的发表时间)