TY - GEN
T1 - Optimal attack path generation based on supervised kohonen neural network
AU - Chen, Yun
AU - Lv, Kun
AU - Hu, Changzhen
N1 - Publisher Copyright:
© Springer International Publishing AG 2017.
PY - 2017
Y1 - 2017
N2 - Attack graph is a general paradigm to model the weakness of an information system network and all possible attack sequences that attackers can obtain specific targets. In real systems, a vast majority of attack graph generation methods suffer from the states explosion issue. However, if we can predict which attack actions will own the maximum probability to be exploited by intruders precisely, namely finding the optimal attack path, we can solve this problem. In this paper, we propose an attack graph generation algorithm based on supervised Kohonen neural network. Using this method, we can presage the attack success rate and attack status types which would be attained if attackers successfully exploit vulnerabilities. Based on these results and the network topology, a probabilistic matrix and an optimal atomic attack matrix are proposed by us. Finally, the two matrices can be effectively used to generate the optimal attack path. After modeling the optimal path, the core nodes in the target network can be located, and network administrators can enact a series of effective defense strategies according to them.
AB - Attack graph is a general paradigm to model the weakness of an information system network and all possible attack sequences that attackers can obtain specific targets. In real systems, a vast majority of attack graph generation methods suffer from the states explosion issue. However, if we can predict which attack actions will own the maximum probability to be exploited by intruders precisely, namely finding the optimal attack path, we can solve this problem. In this paper, we propose an attack graph generation algorithm based on supervised Kohonen neural network. Using this method, we can presage the attack success rate and attack status types which would be attained if attackers successfully exploit vulnerabilities. Based on these results and the network topology, a probabilistic matrix and an optimal atomic attack matrix are proposed by us. Finally, the two matrices can be effectively used to generate the optimal attack path. After modeling the optimal path, the core nodes in the target network can be located, and network administrators can enact a series of effective defense strategies according to them.
KW - Attack graph
KW - Optimal attack path
KW - Supervised Kohonen neural network
UR - http://www.scopus.com/inward/record.url?scp=85028464679&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-64701-2_29
DO - 10.1007/978-3-319-64701-2_29
M3 - Conference contribution
AN - SCOPUS:85028464679
SN - 9783319647005
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 399
EP - 412
BT - Network and System Security - 11th International Conference, NSS 2017, Proceedings
A2 - Yan, Zheng
A2 - Molva, Refik
A2 - Mazurczyk, Wojciech
A2 - Kantola, Raimo
PB - Springer Verlag
T2 - 11th International Conference on Network and System Security, NSS 2017
Y2 - 21 August 2017 through 23 August 2017
ER -