Visible to the public Biblio

Filters: Author is Chen, Xiao  [Clear All Filters]
2020-10-05
Wu, Songyang, Zhang, Yong, Chen, Xiao.  2018.  Security Assessment of Dynamic Networks with an Approach of Integrating Semantic Reasoning and Attack Graphs. 2018 IEEE 4th International Conference on Computer and Communications (ICCC). :1166–1174.
Because of the high-value data of an enterprise, sophisticated cyber-attacks targeted at enterprise networks have become prominent. Attack graphs are useful tools that facilitate a scalable security analysis of enterprise networks. However, the administrators face difficulties in effectively modelling security problems and making right decisions when constructing attack graphs as their risk assessment experience is often limited. In this paper, we propose an innovative method of security assessment through an ontology- and graph-based approach. An ontology is designed to represent security knowledge such as assets, vulnerabilities, attacks, countermeasures, and relationships between them in a common vocabulary. An efficient algorithm is proposed to generate an attack graph based on the inference ability of the security ontology. The proposed algorithm is evaluated with different sizes and topologies of test networks; the results show that our proposed algorithm facilitates a scalable security analysis of enterprise networks.