Network Security Node-Edge Scoring System Using Attack Graph Based on Vulnerability Correlation-Reference-Cited by-同舟云学术

Network Security Node-Edge Scoring System Using Attack Graph Based on Vulnerability Correlation

Published:2022-07-06 Issue:14 Volume:12 Page:6852
ISSN:2076-3417
Container-title:Applied Sciences
language:en
Short-container-title:Applied Sciences

Author:

Shin Gun-Yoon,Hong Sung-Sam,Lee Jung-Sik,Han In-Sung,Kim Hwa-Kyung,Oh Haeng-Rok

Abstract

As network technology has advanced, and as larger and larger quantities of data are being collected, networks are becoming increasingly complex. Various vulnerabilities are being identified in such networks, and related attacks are continuously occurring. To solve these problems and improve the overall quality of network security, a network risk scoring technique using attack graphs and vulnerability information must be used. This technology calculates the degree of risk by collecting information and related vulnerabilities in the nodes and the edges existing in the network-based attack graph, and then determining the degree of risk in a specific network location or the degree of risk occurring when a specific route is passed within the network. However, in most previous research, the risk of the entire route has been calculated and evaluated based on node information, rather than edge information. Since these methods do not include correlations between nodes, it is relatively difficult to evaluate the risk. Therefore, in this paper, we propose a vulnerability Correlation and Attack Graph-based node-edge Scoring System (VCAG-SS) that can accurately measure the risk of a specific route. The proposed method uses the Common Vulnerability Scoring System (CVSS) along with node and edge information. Performing the previously proposed arithmetic evaluation of confidentiality, integrity, and availability (CIA) and analyzing the correlation of vulnerabilities between each node make it possible to calculate the attack priority. In the experiment, the risk scores of nodes and edges and the risk of each attack route were calculated. Moreover, the most threatening attack route was found by comparing the attack route risk. This confirmed that the proposed method calculated the risk of the network attack route and was able to effectively select the network route by providing the network route priority according to the risk score.

Funder

the Defense Acquisition Program Administration and Agency for Defense Development under the contract cybercenter

Publisher

MDPI AG

Subject

Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science

Link

https://www.mdpi.com/2076-3417/12/14/6852/pdf

Reference33 articles.

1. AI agents play hide-and-seek: An OpenAI project demonstrated "emergent behavior" by AI players - [News]

2. National Cyber Range (NCR) automated test tools: Implications and application to network-centric support tools

3. Cyber ranges and security testbeds: Scenarios, functions, tools and architecture

4. Two formal analyses of attack graphs;Jha;Proceedings of the 15th IEEE Computer Security Foundations Workshop,2002

5. Topological Analysis of Network Attack Vulnerability

Cited by 8 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Methodology of Quantitative Assessment of Network Cyber Threats Using a Risk-Based Approach;Applied Cybersecurity & Internet Governance;2024-07-15

2. Digital-Twin-Based CPS Anomaly Diagnosis and Security Defense Countermeasure Recommendation;IEEE Internet of Things Journal;2024-05-15

3. Key Vulnerable Nodes Discovery Based on Bayesian Attack Subgraphs and Improved Fuzzy C-Means Clustering;Mathematics;2024-05-08

4. Assessing the Health of a Network Under Attack;2024 12th International Symposium on Digital Forensics and Security (ISDFS);2024-04-29

5. Enhanced neural network-based attack investigation framework for network forensics: Identification, detection, and analysis of the attack;Computers & Security;2023-12