Abstract
To help network administrators to pre-identify potential vulnerabilities and security threats, an active response strategy selecting method based on attack graph was presented. In this method, the network attack graph model forecast aggressive behavior, and analysed attack path with quantitative metrics. The method used the observations during the attack process to match attack graph and updates the belief state. Finally, the partial observable Markov game (POMG) algorithm was used to choose optimal active response strategy. Experimental results show that the active response strategy selection method based on attack graph can improve the accuracy and effectiveness of the response.
| Original language | English |
|---|---|
| Pages (from-to) | 1659-1664 |
| Number of pages | 6 |
| Journal | Beijing Gongye Daxue Xuebao / Journal of Beijing University of Technology |
| Volume | 38 |
| Issue number | 11 |
| Publication status | Published - Nov 2012 |
Keywords
- Intrusion graph
- Network security
- Partial observable Markov game (POMG)