An Approach for Internal Network Security Metric Based on Attack Probability

Chun Shan; Benfu Jiang; Jingfeng Xue; Fang Guan; Na Xiao

doi:10.1155/2018/3652170

An Approach for Internal Network Security Metric Based on Attack Probability

Chun Shan, Benfu Jiang, Jingfeng Xue^*, Fang Guan, Na Xiao

^*Corresponding author for this work

School of Computer Science and Technology

Research output: Contribution to journal › Article › peer-review

5 Citations (Scopus)

Abstract

A network security metric may provide quantifiable evidence to assist security practitioners in securing computer networks. However, research on security metrics based on attack graph is not applicable to the characteristics of internal attack; therefore we propose an internal network security metric method based on attack probability. Our approach has the following benefits: it provides the method of attack graph simplification with monitoring event node which could solve the attack graph exponential growth with the network size, while undermining the disguise of internal attacks and improving the efficiency of the entire method; the method of attack probability calculation based on simplified attack graph can simplify the complexity of internal attacks and improve the accuracy of the approach.

Original language	English
Article number	3652170
Journal	Security and Communication Networks
Volume	2018
DOIs	https://doi.org/10.1155/2018/3652170
Publication status	Published - 24 Apr 2018

Access to Document

10.1155/2018/3652170

Cite this

@article{9d445150a27a4130b5e01723b7d0b740,

title = "An Approach for Internal Network Security Metric Based on Attack Probability",

abstract = "A network security metric may provide quantifiable evidence to assist security practitioners in securing computer networks. However, research on security metrics based on attack graph is not applicable to the characteristics of internal attack; therefore we propose an internal network security metric method based on attack probability. Our approach has the following benefits: it provides the method of attack graph simplification with monitoring event node which could solve the attack graph exponential growth with the network size, while undermining the disguise of internal attacks and improving the efficiency of the entire method; the method of attack probability calculation based on simplified attack graph can simplify the complexity of internal attacks and improve the accuracy of the approach.",

author = "Chun Shan and Benfu Jiang and Jingfeng Xue and Fang Guan and Na Xiao",

note = "Publisher Copyright: {\textcopyright} 2018 Chun Shan et al.",

year = "2018",

month = apr,

day = "24",

doi = "10.1155/2018/3652170",

language = "English",

volume = "2018",

journal = "Security and Communication Networks",

issn = "1939-0114",

publisher = "Hindawi Limited",

}

TY - JOUR

T1 - An Approach for Internal Network Security Metric Based on Attack Probability

AU - Shan, Chun

AU - Jiang, Benfu

AU - Xue, Jingfeng

AU - Guan, Fang

AU - Xiao, Na

PY - 2018/4/24

Y1 - 2018/4/24

N2 - A network security metric may provide quantifiable evidence to assist security practitioners in securing computer networks. However, research on security metrics based on attack graph is not applicable to the characteristics of internal attack; therefore we propose an internal network security metric method based on attack probability. Our approach has the following benefits: it provides the method of attack graph simplification with monitoring event node which could solve the attack graph exponential growth with the network size, while undermining the disguise of internal attacks and improving the efficiency of the entire method; the method of attack probability calculation based on simplified attack graph can simplify the complexity of internal attacks and improve the accuracy of the approach.

AB - A network security metric may provide quantifiable evidence to assist security practitioners in securing computer networks. However, research on security metrics based on attack graph is not applicable to the characteristics of internal attack; therefore we propose an internal network security metric method based on attack probability. Our approach has the following benefits: it provides the method of attack graph simplification with monitoring event node which could solve the attack graph exponential growth with the network size, while undermining the disguise of internal attacks and improving the efficiency of the entire method; the method of attack probability calculation based on simplified attack graph can simplify the complexity of internal attacks and improve the accuracy of the approach.

UR - http://www.scopus.com/inward/record.url?scp=85046772220&partnerID=8YFLogxK

U2 - 10.1155/2018/3652170

DO - 10.1155/2018/3652170

M3 - Article

AN - SCOPUS:85046772220

SN - 1939-0114

VL - 2018

JO - Security and Communication Networks

JF - Security and Communication Networks

M1 - 3652170

ER -

An Approach for Internal Network Security Metric Based on Attack Probability

Abstract

Access to Document

Other files and links

Fingerprint

Cite this