سیویلیکا را در شبکه های اجتماعی دنبال نمایید.

An Attack Graph Based Method for Predictive Risk Evaluation of Zero-Day Attacks

Publish Year: 1396
Type: Journal paper
Language: English
View: 215

This Paper With 10 Page And PDF Format Ready To Download

Export:

Link to this Paper:

Document National Code:

JR_ITRC-9-3_002

Index date: 10 March 2021

An Attack Graph Based Method for Predictive Risk Evaluation of Zero-Day Attacks abstract

Performing risk assessment of computer networks is inevitable in the process of network hardening. To do efficient attack prevention, risk evaluation must be done in an accurate and quantitative manner. Such risk assessment requires thorough understanding of attack’s causes or vulnerabilities and their related characteristics. But one major problem is that, there are vulnerabilities that are known by attackers but there is no information about them in databases like NVD (National Vulnerability Database). Such vulnerabilities are referred to as unknown or zero day attacks. Existing standards like NVD ignore the effect of unknown attacks in risk assessment of computer networks. In this paper, by defining some attack graph based security metrics, we proposed an innovative method for risk evaluation of multi-step Zero-Day Attacks. Proposed method by predicting the intrinsic features of Zero-Day attacks makes their risk estimation possible. Considering the effect of Temporal features of vulnerabilities have made our approach a Dynamic Risk Estimator

An Attack Graph Based Method for Predictive Risk Evaluation of Zero-Day Attacks Keywords:

An Attack Graph Based Method for Predictive Risk Evaluation of Zero-Day Attacks authors