文章基本信息

标题：K maximum probability attack paths dynamic generation algorithm
本地全文：下载
作者：Bi, Kun ; Han, Dezhi ; Wang, Jun 等
期刊名称：Computer Science and Information Systems
印刷版ISSN：1820-0214
电子版ISSN：2406-1018
出版年度：2016
卷号：13
期号：2
页码：677-689
DOI：10.2298/CSIS160227022B
出版社：ComSIS Consortium
摘要：An attack graph depicts multiple-step attack and provides a description of system security vulnerabilities. It illustrates critical information necessary to identify potential weaknesses and areas for enhanced defense. Attack graphs include multiple attack paths, which are a focus for further detailed analysis and risk mitigation. Considering that different vulnerabilities have different probabilities of being exploited, this paper proposes an algorithm to dynamically generate the top K attack paths with maximum probabilities for every node of a system. The proposed algorithm does not require generation of the full attack graph to calculate the K attack paths. Instead, it directly processes and analyzes the system input data and dynamically identifies the K attack paths. The computational time, based upon the complexity of the attack paths, can be constrained by the parameter K. Experimental results show that the algorithm is scalable and efficient.
关键词：attack path; attack graph; K shortest paths; system security; network security