Towards scalable security analysis using multi-layered security models

Jin B. Hong, Dong Seong Kim

Research output: Contribution to journalArticlepeer-review

51 Citations (Scopus)

Abstract

Security models, such as an attack graph (AG), are widely adopted to assess the security of networked systems, such as utilizing various security metrics and providing a cost-effective network hardening solution. There are various methods of generating these models, but the scalability problem exists for single-layered graph-based security models when analyzing all possible attack paths. To address this problem, we propose to use a multi-layer hierarchical attack representation model (HARM) that models various components in the networked system in different layers to reduce the computational complexity. First, we formulate key questions that need to be answered to assess the scalability of security models. Second, we formally define the multi-layer HARM. Last, we conduct experiments to show the scalability of security models. Our experimental results show that using the HARM can improve the scalability of assessing the security of the networked system significantly in comparison to the single-layered security models in various network scenarios.

Original languageEnglish
Pages (from-to)156-168
Number of pages13
JournalJournal of Network and Computer Applications
Volume75
DOIs
Publication statusPublished - 1 Nov 2016
Externally publishedYes

Fingerprint

Dive into the research topics of 'Towards scalable security analysis using multi-layered security models'. Together they form a unique fingerprint.

Cite this