Journal's Facebook pageK Maximum Probability Attack Paths Dynamic Generation Algorithm
- College of Information Engineering, Shanghai Maritime University
Shanghai 201306, China
kunbi@shmtu.edu.cn, dezhihan88@sina.com, jwang@eecs.ucf.edu
Abstract
An attack graph depicts multiple-step attack and provides a description of system security vulnerabilities. It illustrates critical information necessary to identify potential weaknesses and areas for enhanced defense. Attack graphs include multiple attack paths, which are a focus for further detailed analysis and risk mitigation. Considering that different vulnerabilities have different probabilities of being exploited, this paper proposes an algorithm to dynamically generate the top K attack paths with maximum probabilities for every node of a system. The proposed algorithm does not require generation of the full attack graph to calculate the K attack paths. Instead, it directly processes and analyzes the system input data and dynamically identifies the K attack paths. The computational time, based upon the complexity of the attack paths, can be constrained by the parameter K. Experimental results show that the algorithm is scalable and efficient.
Key words
attack path, attack graph, K shortest paths, system security, network security
Digital Object Identifier (DOI)
https://doi.org/10.2298/CSIS160227022B
Publication information
Volume 13, Issue 2 (June 2016)
Year of Publication: 2016
ISSN: 2406-1018 (Online)
Publisher: ComSIS Consortium
Full text
Available in PDF
Portable Document Format
How to cite
Bi, K., Han, D., Wang, J.: K Maximum Probability Attack Paths Dynamic Generation Algorithm. Computer Science and Information Systems, Vol. 13, No. 2, 677–689. (2016), https://doi.org/10.2298/CSIS160227022B
