TY - GEN
T1 - An Improved Monte Carlo Graph Search Algorithm for Optimal Attack Path Analysis
AU - Xie, Hui
AU - Lv, Kun
AU - Hu, Changzhen
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/9/5
Y1 - 2018/9/5
N2 - The problem of optimal attack path analysis is one of the hotspots in network security. Many methods are available to calculate an optimal attack path, such as Q-learning algorithm, heuristic algorithms, etc. But most of them have shortcomings. Some methods can lead to the problem of path loss, and some methods render the result un-comprehensive. This article proposes an improved Monte Carlo Graph Search algorithm (IMCGS) to calculate optimal attack paths in target network. IMCGS can avoid the problem of path loss and get comprehensive results quickly. IMCGS is divided into two steps: selection and backpropagation, which is used to calculate optimal attack paths. A weight vector containing priority, host connection number, CVSS value is proposed for every host in an attack path. This vector is used to calculate the evaluation value, the total CVSS value and the average CVSS value of a path in the target network. Result for a sample test network is presented to demonstrate the capabilities of the proposed algorithm to generate optimal attack paths in one single run. The results obtained by IMCGS show good performance and are compared with Ant Colony Optimization Algorithm (ACO) and k-zero attack graph.
AB - The problem of optimal attack path analysis is one of the hotspots in network security. Many methods are available to calculate an optimal attack path, such as Q-learning algorithm, heuristic algorithms, etc. But most of them have shortcomings. Some methods can lead to the problem of path loss, and some methods render the result un-comprehensive. This article proposes an improved Monte Carlo Graph Search algorithm (IMCGS) to calculate optimal attack paths in target network. IMCGS can avoid the problem of path loss and get comprehensive results quickly. IMCGS is divided into two steps: selection and backpropagation, which is used to calculate optimal attack paths. A weight vector containing priority, host connection number, CVSS value is proposed for every host in an attack path. This vector is used to calculate the evaluation value, the total CVSS value and the average CVSS value of a path in the target network. Result for a sample test network is presented to demonstrate the capabilities of the proposed algorithm to generate optimal attack paths in one single run. The results obtained by IMCGS show good performance and are compared with Ant Colony Optimization Algorithm (ACO) and k-zero attack graph.
KW - Attack graph
KW - Dynamic programming
KW - Improved Monte Carlo Graph Search
KW - Network security
KW - Optimal attack path
UR - http://www.scopus.com/inward/record.url?scp=85054097174&partnerID=8YFLogxK
U2 - 10.1109/TrustCom/BigDataSE.2018.00054
DO - 10.1109/TrustCom/BigDataSE.2018.00054
M3 - Conference contribution
AN - SCOPUS:85054097174
SN - 9781538643877
T3 - Proceedings - 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering, Trustcom/BigDataSE 2018
SP - 307
EP - 315
BT - Proceedings - 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering, Trustcom/BigDataSE 2018
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering, Trustcom/BigDataSE 2018
Y2 - 31 July 2018 through 3 August 2018
ER -