Arnab Paul Joy, Mosarrat Jahan, U. Kabir, S. Mahato
{"title":"Precise Estimation of Local Probabilities for Bayesian Attack Graph Analysis","authors":"Arnab Paul Joy, Mosarrat Jahan, U. Kabir, S. Mahato","doi":"10.1109/iemcon53756.2021.9623254","DOIUrl":null,"url":null,"abstract":"A Bayesian Attack Graph (BAG) is an essential model for red teams in cyber security to detect the most vulnerable components of a system. It is a probabilistic graphical model in which each node is initially assigned a probability value called local probability. For realistic and better analysis of BAGs, it is essential to evaluate local probabilities precisely. For that purpose, in this paper, we use the Common Vulnerability Scoring System (CVSS) to estimate temporal and environmental scores. We further consider various factors reflecting attackers' characteristics in BAG analysis. In this respect, we inaugurated a new environmental variable named “host type” that influences an attacker's motivation and abolishes the need for earlier network architecture knowledge to determine the factor values.","PeriodicalId":272590,"journal":{"name":"2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)","volume":"55 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/iemcon53756.2021.9623254","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
A Bayesian Attack Graph (BAG) is an essential model for red teams in cyber security to detect the most vulnerable components of a system. It is a probabilistic graphical model in which each node is initially assigned a probability value called local probability. For realistic and better analysis of BAGs, it is essential to evaluate local probabilities precisely. For that purpose, in this paper, we use the Common Vulnerability Scoring System (CVSS) to estimate temporal and environmental scores. We further consider various factors reflecting attackers' characteristics in BAG analysis. In this respect, we inaugurated a new environmental variable named “host type” that influences an attacker's motivation and abolishes the need for earlier network architecture knowledge to determine the factor values.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
