A hybrid ranking approach to estimate vulnerability for dynamic attacks

To enhance security in dynamic networks, it is important to evaluate vulnerabilities and offer an economical and practical patching strategy, since vulnerability is the major driving force for attacks. In this paper, a hybrid ranking approach is presented to estimate vulnerabilities under dynamic scenarios; it combines a low-level rating of vulnerability instances with a high-level evaluation of the security level of the network system. Moreover, a novel quantitative model, an adapted attack graph, is proposed to avoid isolated scoring: it takes the dynamic and logical relations among exploits into account and significantly benefits vulnerability analysis. To validate the applicability and performance of our approach, a hybrid ranking case is implemented as an experimental platform. The ranking results show that our approach differentiates the influence levels among vulnerabilities under dynamic attack scenarios and economically enhances the security of the network system.
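As an added illustration (not the paper's own model or data), the following script shows the kind of combination the abstract describes: each exploit keeps its isolated, low-level base score, while a small attack graph (constructed here; the exploit names, scores and privilege labels are assumptions) supplies the high-level context by enumerating the minimal exploit sets that reach the attacker's goal. The hybrid score weights the base score by how many of those attack sets the exploit lies on, so a moderately scored exploit that every path depends on outranks a higher-scored one that only one path uses, which is what patching prioritisation needs.

```python
from itertools import product

# Constructed attack graph (assumption, not the paper's data): each exploit has a
# low-level base score (CVSS-like), the privileges it requires and the one privilege
# it grants. The attacker initially holds only "internet"; the goal is root@db.
EXPLOITS = {
    "web_rce":        (7.5, {"internet"}, "user@web"),
    "web_lpe":        (6.0, {"user@web"}, "root@web"),
    "db_auth_bypass": (9.8, {"user@web"}, "user@db"),
    "db_lpe":         (7.0, {"user@db"},  "root@db"),
    "ssh_weak_key":   (5.5, {"root@web"}, "root@db"),
}
INITIAL = {"internet"}
GOAL = "root@db"


def attack_sets(exploits, cond, initial=INITIAL, visiting=frozenset()):
    """All minimal exploit sets that establish `cond`, found by backward chaining:
    a condition is reached by ANY exploit granting it, and that exploit needs ALL
    of its preconditions. `visiting` breaks cycles in the graph."""
    if cond in initial:
        return [frozenset()]
    if cond in visiting:
        return []
    result = []
    for name, (_, pre, post) in exploits.items():
        if post != cond:
            continue
        sub = [attack_sets(exploits, p, initial, visiting | {cond}) for p in pre]
        for combo in product(*sub):           # one derivation per precondition
            result.append(frozenset({name}).union(*combo))
    return sorted(set(result), key=sorted)


def hybrid_ranking(exploits=EXPLOITS, goal=GOAL):
    """Hybrid score = isolated base score x fraction of goal attack sets the exploit
    lies on. Returns (name, score) pairs, highest first."""
    sets_ = attack_sets(exploits, goal)
    scored = {n: s * sum(n in a for a in sets_) / max(len(sets_), 1)
              for n, (s, _, _) in exploits.items()}
    return sorted(scored.items(), key=lambda kv: -kv[1])


def remaining_after_patch(name, exploits=EXPLOITS, goal=GOAL):
    """Number of attack sets that survive if `name` is patched (removed from the graph)."""
    return len(attack_sets({k: v for k, v in exploits.items() if k != name}, goal))


if __name__ == "__main__":
    for name, score in hybrid_ranking():
        print(f"{name:15s} hybrid={score:4.2f} left_if_patched={remaining_after_patch(name)}")
```

In this constructed graph the isolated ranking would patch db_auth_bypass (9.8) first and leave one complete attack path open, whereas the hybrid ranking puts web_rce first and patching it closes every path to root@db.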
