An Improved Algorithm for Generation of Attack Graph Based on Virtual Performance Node

A variety of graph-based algorithms have been proposed to generate attack graphs automatically, but few of them take network performance into consideration and satisfy the purpose of network vulnerability analysis. In this paper, the Virtual Performance Node (VPN) is defined and an improved graph-based algorithm is proposed. The performance decrease across the whole network due to the attacker's incursion is regarded as the attacker's expectation, and VPNs are chosen as the network states. This method gives the attack graph the additional ability to measure the effect of an attack in terms of network performance loss. The algorithm is compared with other methods in the analysis of an experimental network. The results show that the improved attack graph has the fewest states and fits well with human cognitive habits, which makes it more useful for analyzing network vulnerability.