A Method Based on Global Attack Graph for Network Hardening

A Method Based on Global Attack Graph for Network Hardening

In order to improve the overall security of networks, a method of making strategies for network hardening based on global attack graphs is proposed. This method calculates the reachability of network states by using a global attack graph firstly, and then the security loss of network states and the...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Dapeng Man, Yang Wu, Yongtian Yang
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Costs
Greedy algorithms
Information security
Samarium
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In order to improve the overall security of networks, a method of making strategies for network hardening based on global attack graphs is proposed. This method calculates the reachability of network states by using a global attack graph firstly, and then the security loss of network states and the criticality of security elements are got. Security elements are removed based on the rule of maximum-criticality-first. The operability of security enhancement strategies made by this method is better than traditional methods.
ISSN:2161-9646
DOI:10.1109/WiCom.2008.1086