TY - JOUR
T1 - Defense scheme generation method using mixed path attack graph
AU - Yu, Yang
AU - Xia, Chun He
AU - Hu, Xiao Yun
N1 - Publisher Copyright:
© 2017, Zhejiang University Press. All rights reserved.
PY - 2017/9
Y1 - 2017/9
N2 - The common properties of known vulnerabilities were discussed, and a formal description of vulnerabilities and their exploitation rules was proposed. A mixed path attack graph (MPAG) model was constructed to extend the descriptive semantics of the attack graph. MPAG can describe, in the same attack graph, the hidden attack paths introduced by 0-day vulnerabilities and the explicit ones introduced by known vulnerabilities. The risk of the 0-day vulnerability exploiting ratio was also calculated. Finally, based on MPAG and multi-objective theory, a defense scheme generation method was proposed that can generate defense schemes balanced between cost and risk. The experiment shows that MPAG can describe hidden attack paths, and that new known vulnerabilities, which are not exploited in a traditional attack graph, may be introduced in MPAG; the path coverage ratio of the defense scheme generated based on MPAG is better, and the method can help the security manager find omissions in the defense measure library.
AB - The common properties of known vulnerabilities were discussed, and a formal description of vulnerabilities and their exploitation rules was proposed. A mixed path attack graph (MPAG) model was constructed to extend the descriptive semantics of the attack graph. MPAG can describe, in the same attack graph, the hidden attack paths introduced by 0-day vulnerabilities and the explicit ones introduced by known vulnerabilities. The risk of the 0-day vulnerability exploiting ratio was also calculated. Finally, based on MPAG and multi-objective theory, a defense scheme generation method was proposed that can generate defense schemes balanced between cost and risk. The experiment shows that MPAG can describe hidden attack paths, and that new known vulnerabilities, which are not exploited in a traditional attack graph, may be introduced in MPAG; the path coverage ratio of the defense scheme generated based on MPAG is better, and the method can help the security manager find omissions in the defense measure library.
KW - 0-day
KW - Defense decision making
KW - Defense scheme
KW - Mixed path attack graph (MPAG)
KW - Multi-objective optimization
UR - https://www.scopus.com/pages/publications/85032682595
U2 - 10.3785/j.issn.1008-973X.2017.09.009
DO - 10.3785/j.issn.1008-973X.2017.09.009
M3 - Article
AN - SCOPUS:85032682595
SN - 1008-973X
VL - 51
SP - 1745
EP - 1759
JO - Zhejiang Daxue Xuebao (Gongxue Ban)/Journal of Zhejiang University (Engineering Science)
JF - Zhejiang Daxue Xuebao (Gongxue Ban)/Journal of Zhejiang University (Engineering Science)
IS - 9
ER -