Scalable security analysis in hierarchical attack representation model using centrality measures

Jin B. Hong, Dong Seong Kim

Research output: Chapter in Book/Conference paper › Conference paper

11 Citations (Scopus)

Abstract

Network security can be analysed using attack representation models (ARMs) (e.g., Attack Graphs (AGs) and Attack Trees (ATs)). One can analyse the network security by computing all possible attack scenarios, but it suffers from a scalability problem. We propose centrality based network security analysis by ranking important hosts based on network centrality measures, and vulnerabilities based on security metric values. We used two-layer hierarchical attack representation model to evaluate the network security, by taking into account importance of hosts and vulnerabilities in the upper and the lower layers, respectively. We define a new centrality measure based on the location of an attacker and a target. We simulate security analysis using centrality measures comparing with an exhaustive search method. Further, we investigate the performance when the location of the attacker is different in the network.

Original language: English
Title of host publication: 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013
Place of Publication: United States
Publisher: IEEE, Institute of Electrical and Electronics Engineers
Number of pages: 8
ISBN (Print): 9781479901814
DOI: https://doi.org/10.1109/DSNW.2013.6615507
Publication status: Published - 28 Oct 2013
Externally published: Yes
Event: 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013 - Budapest, Hungary
Duration: 24 Jun 2013 to 27 Jun 2013

Conference

Conference: 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013
Country: Hungary
City: Budapest
Period: 24/06/13 to 27/06/13

Fingerprint

Network security
Scalability

Cite this

Hong, J. B., & Kim, D. S. (2013). Scalable security analysis in hierarchical attack representation model using centrality measures. In 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013 [6615507] United States: IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/DSNW.2013.6615507
Hong, Jin B. ; Kim, Dong Seong. / Scalable security analysis in hierarchical attack representation model using centrality measures. 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013. United States : IEEE, Institute of Electrical and Electronics Engineers, 2013.
@inproceedings{58d7d0454b824468a2357e2b2c8e02ae,
title = "Scalable security analysis in hierarchical attack representation model using centrality measures",
abstract = "Network security can be analysed using attack representation models (ARMs) (e.g., Attack Graphs (AGs) and Attack Trees (ATs)). One can analyse the network security by computing all possible attack scenarios, but it suffers from a scalability problem. We propose centrality based network security analysis by ranking important hosts based on network centrality measures, and vulnerabilities based on security metric values. We used two-layer hierarchical attack representation model to evaluate the network security, by taking into account importance of hosts and vulnerabilities in the upper and the lower layers, respectively. We define a new centrality measure based on the location of an attacker and a target. We simulate security analysis using centrality measures comparing with an exhaustive search method. Further, we investigate the performance when the location of the attacker is different in the network.",
keywords = "Attack Graph, Attack Tree, Network Centrality, Security Analysis, Security Modelling Techniques",
author = "Hong, {Jin B.} and Kim, {Dong Seong}",
year = "2013",
month = "10",
day = "28",
doi = "10.1109/DSNW.2013.6615507",
language = "English",
isbn = "9781479901814",
booktitle = "2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States",

}

Hong, JB & Kim, DS 2013, Scalable security analysis in hierarchical attack representation model using centrality measures. in 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013., 6615507, IEEE, Institute of Electrical and Electronics Engineers, United States, 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013, Budapest, Hungary, 24/06/13. https://doi.org/10.1109/DSNW.2013.6615507

Scalable security analysis in hierarchical attack representation model using centrality measures. / Hong, Jin B.; Kim, Dong Seong.

2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013. United States : IEEE, Institute of Electrical and Electronics Engineers, 2013. 6615507.

TY - GEN

T1 - Scalable security analysis in hierarchical attack representation model using centrality measures

AU - Hong, Jin B.

AU - Kim, Dong Seong

PY - 2013/10/28

Y1 - 2013/10/28

AB - Network security can be analysed using attack representation models (ARMs) (e.g., Attack Graphs (AGs) and Attack Trees (ATs)). One can analyse the network security by computing all possible attack scenarios, but it suffers from a scalability problem. We propose centrality based network security analysis by ranking important hosts based on network centrality measures, and vulnerabilities based on security metric values. We used two-layer hierarchical attack representation model to evaluate the network security, by taking into account importance of hosts and vulnerabilities in the upper and the lower layers, respectively. We define a new centrality measure based on the location of an attacker and a target. We simulate security analysis using centrality measures comparing with an exhaustive search method. Further, we investigate the performance when the location of the attacker is different in the network.

KW - Attack Graph

KW - Attack Tree

KW - Network Centrality

KW - Security Analysis

KW - Security Modelling Techniques

UR - http://www.scopus.com/inward/record.url?scp=84886067557&partnerID=8YFLogxK

U2 - 10.1109/DSNW.2013.6615507

DO - 10.1109/DSNW.2013.6615507

M3 - Conference paper

SN - 9781479901814

BT - 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013

PB - IEEE, Institute of Electrical and Electronics Engineers

CY - United States

ER -

Hong JB, Kim DS. Scalable security analysis in hierarchical attack representation model using centrality measures. In 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop, DSN-W 2013. United States: IEEE, Institute of Electrical and Electronics Engineers. 2013. 6615507 https://doi.org/10.1109/DSNW.2013.6615507