2014
DOI: 10.13052/jcsm2245-1439.312

Fast Network Attack Modeling and Security Evaluation based on Attack Graphs

Abstract: The paper suggests an approach to network attack modeling and security evaluation which is realized in advanced Security Information and Event Management (SIEM) systems. It is based on modeling of computer network and malefactors' behaviors, building attack graphs, processing current alerts for real-time adjusting of particular attack graphs, calculating different security metrics and providing security assessment procedures. The novelty of the proposed approach is the use of special algorithms for constructio…

citations
Cited by 22 publications
(16 citation statements)
references
References 18 publications
“…An example of external semiotic inconsistency (adapted from [12] (left) and [6] (right)) ternal and external semiotic inconsistency are provided in terms of the way preconditions, exploits and precondition operators are represented. [209] vs [208] pr p , ex e vs pr e , ex r [26] vs [27] Same paper pr r vs pr p [85] pr r vs pr h [54] pr r blue vs pr h purple [6] pr r vs pr h [63] or td vs or lr * [232] pr e , ex r vs pr r , ex na [36] ef bu vs ef td [113]…”
Section: Internal and External Semiotic Inconsistency (citation type: mentioning)
confidence: 99%
“…According to [19] it is impossible for organizations to make precise estimates of the economic damages caused by an attack without having full knowledge of users' IT environment. In [11], [20] authors state that network configuration should be monitored on a continuous basis, and vulnerabilities must be analyzed to provide the necessary appropriate security level. Secondly, the computed integrity impact is a real number which enables to put on one uniform scale for comparison reasons various states rather than the current ordinal three-grades scale, naming low, medium and high.…”
Section: Proposed Framework (citation type: mentioning)
confidence: 99%
“…According to [9] it is impossible for organizations to make precise estimates of the economic losses caused by an attack without having full knowledge of users' IT environment. Reference [10] states that organizations should monitor their network continually, and analyze available vulnerabilities to provide the necessary security levels. Secondly, the information of the environmental components is described in this research is in resolution of data items rather than entire systems, thus enabling focused information in relevance to each data item.…”
Section: The Proposed Framework (citation type: mentioning)
confidence: 99%