Analysis of Attack Graphs Based on Network Flow Method

Wu Jinyu; Jin Shuyuan; Yang Zhi

Journal of Computer Research and Development > 2011 > 48(8): 1497-1505.

Wu Jinyu, Jin Shuyuan, Yang Zhi. Analysis of Attack Graphs Based on Network Flow Method[J]. Journal of Computer Research and Development, 2011, 48(8): 1497-1505.

Citation:

Wu Jinyu, Jin Shuyuan, Yang Zhi. Analysis of Attack Graphs Based on Network Flow Method[J]. Journal of Computer Research and Development, 2011, 48(8): 1497-1505.

Citation:

Wu Jinyu, Jin Shuyuan, Yang Zhi. Analysis of Attack Graphs Based on Network Flow Method[J]. Journal of Computer Research and Development, 2011, 48(8): 1497-1505.

PDF (1507 KB)

Analysis of Attack Graphs Based on Network Flow Method

1(School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876) 2(Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190) 3(Institute of Electronic Technology, Information Engineering University, Zhengzhou 450004)

More Information

Published Date: August 14, 2011

Graphical Abstract

Abstract

Abstract

An intruder often breaks into a network through a chain of exploits. Each exploit in the chain lays the groundwork for subsequent exploits. Such a chain is called attack path. Attack graph, one kind of succinct representation of attack paths, is an important tool for analyzing security vulnerabilities in networks. Security analysts use attack graphs for detection and defense. However, attack graphs do not directly provide a solution to protect key resources from invasion. And finding a solution by hand is error-prone and tedious. Existing automated methods for finding such solutions are less efficient and scale poorly. In this paper, we propose solutions based on network flow method to automate the task of hardening a network against multi-step intrusions. We discuss the optimization critical attack sets problem and the optimization critical initial condition sets problem. Then we define the atomic-attacks split weighted attack graph (ASWAG) and the initial-condition split weighted attack graph (ISWAG), and convert the former two problems into the minimum S-T cut problems in ASWAG and ISWAG. The conversions are proved to be equivalent. Two algorithms with polynomial time complexity are proposed. Simulation results show that the algorithms are more efficient and scale better than the existing methods. We can use them to analyze large-scale attack graphs.
- security assessment,
- attack graphs,
- maximum flow,
- minimum cut,
- optimization security measures

FullText(HTML)

References (0)

[1]	Wang Jieting, Qian Yuhua, Li Feijiang, Liu Guoqing. Support Vector Machine with Eliminating the Random Consistency[J]. Journal of Computer Research and Development, 2020, 57(8): 1581-1593. DOI: 10.7544/issn1000-1239.2020.20200127
[2]	Feng Chang, Liao Shizhong. Model Selection for Gaussian Kernel Support Vector Machines in Random Fourier Feature Space[J]. Journal of Computer Research and Development, 2016, 53(9): 1971-1978. DOI: 10.7544/issn1000-1239.2016.20150489
[3]	Hua Xiaopeng, Ding Shifei. Locality Preserving Twin Support Vector Machines[J]. Journal of Computer Research and Development, 2014, 51(3): 590-597.
[4]	Guo Husheng, Wang Wenjian. A Support Vector Machine Learning Method Based on Granule Shift Parameter[J]. Journal of Computer Research and Development, 2013, 50(11): 2315-2324.
[5]	Ding Lizhong and Liao Shizhong. Approximate Model Selection on Regularization Path for Support Vector Machines[J]. Journal of Computer Research and Development, 2012, 49(6): 1248-1255.
[6]	Xu Peng, Liu Qiong, and Lin Sen. Internet Traffic Classification Using Support Vector Machine[J]. Journal of Computer Research and Development, 2009, 46(3): 407-414.
[7]	Xiong Jinzhi, Yuan Huaqiang, Peng Hong. A General Formulation of Polynomial Smooth Support Vector Machines[J]. Journal of Computer Research and Development, 2008, 45(8): 1346-1353.
[8]	Li Yingxin and Ruan Xiaogang. Feature Selection for Cancer Classification Based on Support Vector Machine[J]. Journal of Computer Research and Development, 2005, 42(10): 1796-1801.
[9]	Liu Xiangdong, Luo Bin, and Chen Zhaoqian. Optimal Model Selection for Support Vector Machines[J]. Journal of Computer Research and Development, 2005, 42(4): 576-581.
[10]	Wu Gaowei, Tao Qing, Wang Jue. Support Vector Machines Based on Posteriori Probability[J]. Journal of Computer Research and Development, 2005, 42(2): 196-202.