Scalable Security Model Generation and Analysis Using k-importance Measures

Jin Bum Hong, Dong Seong Kim

Research output: Chapter in Book/Conference paperConference paper

13 Citations (Scopus)

Abstract

Attack representation models (ARMs) (such as attack graphs, attack trees) can be used to model and assess security of a networked system. To do this, one must generate an ARM. However, generation and evaluation of the ARM suffer from a scalability problem when the size of the networked system is very large (e.g., 10,000 computer hosts in the network with a complex network topology). The main reason is that computing all possible attack scenarios to cover all aspects of an attack results in a state space explosion. One idea is to use only important hosts and vulnerabilities in the networked system to generate and evaluate security. We propose to use k-importance measures to generate a two-layer hierarchical ARM that will improve the scalability of model generation and security evaluation computational complexities. We use k 1 number of important hosts based on network centrality measures and k 2 number of significant vulnerabilities of hosts using host security metrics. We show that an equivalent security analysis can be achieved using our approach (using k-importance measures), compared to an exhaustive search.
Original languageEnglish
Title of host publicationSecurity and Privacy in Communication Networks
Subtitle of host publication9th International Conference on Security and Privacy in Communication Systems
EditorsTanveer Zia, Albert Zomaya, Vijay Varadharajan, Morley Mao
Place of PublicationCham
PublisherSpringer
Pages270-287
Number of pages18
ISBN (Electronic)9783319042831
ISBN (Print)9783319042824
DOIs
Publication statusPublished - 2013
Externally publishedYes
Event9th International ICST Conference on Security and Privacy in Communication Networks - Sydney, Australia
Duration: 25 Sep 201328 Sep 2013

Publication series

NameLecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
PublisherSpringer
Volume127
ISSN (Print)1867-8211
ISSN (Electronic)1867-822X

Conference

Conference9th International ICST Conference on Security and Privacy in Communication Networks
Abbreviated titleSecureComm 2013
CountryAustralia
CitySydney
Period25/09/1328/09/13

Fingerprint Dive into the research topics of 'Scalable Security Model Generation and Analysis Using k-importance Measures'. Together they form a unique fingerprint.

Cite this