Security Assessment of Dynamic Networks with an Approach of Integrating Semantic Reasoning and Attack Graphs

Title: Security Assessment of Dynamic Networks with an Approach of Integrating Semantic Reasoning and Attack Graphs
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Wu, Songyang; Zhang, Yong; Chen, Xiao
Conference Name: 2018 IEEE 4th International Conference on Computer and Communications (ICCC)
Date Published: dec
Keywords: attack graph, Cognition, composability, cyber-attacks, decision making, Dynamic Networks and Security, enterprise networks, graph theory, Inference algorithms, inference mechanisms, integrating semantic reasoning, Metrics, Mobile handsets, Network security, Ontologies, ontologies (artificial intelligence), ontology- and graph-based approach, pubcrawl, Resiliency, risk assessment experience, risk management, scalable security analysis, security, security assessment, security knowledge, security of data, Security Ontology, security problems, semantic reasoning, Semantics, test networks, Tools
Abstract: Because of the high-value data of an enterprise, sophisticated cyber-attacks targeted at enterprise networks have become prominent. Attack graphs are useful tools that facilitate a scalable security analysis of enterprise networks. However, the administrators face difficulties in effectively modelling security problems and making right decisions when constructing attack graphs as their risk assessment experience is often limited. In this paper, we propose an innovative method of security assessment through an ontology- and graph-based approach. An ontology is designed to represent security knowledge such as assets, vulnerabilities, attacks, countermeasures, and relationships between them in a common vocabulary. An efficient algorithm is proposed to generate an attack graph based on the inference ability of the security ontology. The proposed algorithm is evaluated with different sizes and topologies of test networks; the results show that our proposed algorithm facilitates a scalable security analysis of enterprise networks.
DOI: 10.1109/CompComm.2018.8780998
Citation Key: wu_security_2018