Survey on the use of security metrics on attack graph (공격 그래프 상의 보안 메트릭 사용 방안 조사)

Lee Gyung Min (이경민); Huy-Kang Kim (김휘강)

doi:10.9708/jksci.2018.23.12.095

Survey on the use of security metrics on attack graph

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2018, 23(12), pp.95-105
DOI : 10.9708/jksci.2018.23.12.095
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science
Received : August 27, 2018
Accepted : November 26, 2018
Published : December 31, 2018

Lee Gyung Min ¹, Huy-Kang Kim ¹

¹고려대학교

Accredited

ABSTRACT

As the IT industry developed, the information held by the company soon became a corporate asset. As this information has value as an asset, the number and scale of various cyber attacks which targeting enterprises and institutions is increasing day by day. Therefore, research are being carried out to protect the assets from cyber attacks by using the attack graph to identify the possibility and risk of various attacks in advance and prepare countermeasures against the attacks. In the attack graph, security metric is used as a measure for determining the importance of each asset or the risk of an attack. This is a key element of the attack graph used as a criterion for determining which assets should be protected first or which attack path should be removed first. In this survey, we research trends of various security metrics used in attack graphs and classify the research according to application viewpoints, use of CVSS(Common Vulnerability Scoring System), and detail metrics. Furthermore, we discussed how to graft the latest security technologies, such as MTD(Moving Target Defense) or SDN(Software Defined Network), onto the attack graphs.

KEYWORDS

Attack Graph, CVSS, Security Metric, Moving Target Defense, Survey

Citation status

* References for papers published after 2023 are currently being built.

[web] / Ministry of Science and ICT / http://www.index.go.kr/potal/main/EachDtlPageDetail.do?idx_cd=1363

[journal] Schneier, Bruce / 1999 / Attack trees / Dr. Dobb’s journal 24(12) : 21~29

[confproc] Phillips, Cynthia / 1998 / A graphbased system for network-vulnerability analysis / Proceedings of the 1998 workshop on New security paradigms : 71~79

[web] / National Institute of Standards and Technology Glossary / https://csrc.nist.gov/glossary/term/vulnerability

[web] / CVE / https://cve.mitre.org/

[web] / CVSS / https://www.first.org/cvss

[confproc] Ou, Xinming / 2005 / MulVAL: A Logic-based Network Security Analyzer / USENIX Security Symposium 8

[confproc] Ingols, Kyle / 2006 / Practical attack graph generation for network defense / Computer Security Applications Conference : 121~130

[journal] Ortalo, Rodolphe / 1999 / Experimenting with quantitative evaluation tools for monitoring operational security / IEEE Transactions on Software Engineering 25(5) : 633~650

[confproc] Mehta, Vaibhav / 2006 / Ranking attack graphs / International Workshop on Recent Advances in Intrusion Detection : 127~144

[journal] Idika, Nwokedi / 2012 / Extending attack graph-based security metrics and aggregating their application / IEEE Transactions on Dependable and Secure Computing 9(1) : 75~85

[web] / National Institute of Standards and Technology / https://www.nist.gov

[journal] Balzarotti, Davide / 2006 / Assessing the risk of using vulnerable components / Quality of Protection : 65~77

[confproc] Wang, Lingyu / 2008 / An attack graph-based probabilistic security metric / IFIP Annual Conference on Data and Applications Security and Privacy 5094 : 283~296

[confproc] Gallon, Laurent / 2011 / Using CVSS in attack graphs / Availability, Reliability and Security, 2011 Sixth International Conference on. IEEE : 59~66

[confproc] Wang, Lingyu / 2007 / Measuring the overall security of network configurations using attack graphs / IFIP Annual Conference on Data and Applications Security and Privacy 4602 : 98~112

[confproc] Suh-Lee, Candace / 2015 / Quantifying security risk by measuring network risk conditions / Computer and Information Science (ICIS), 2015 IEEE/ACIS 14th International Conference on. IEEE : 9~14

[web] / National Vulnerability Database / https://nvd.nist.gov

[confproc] Pamula, Joseph / 2006 / A weakest-adversary security metric for network configuration security analysis / Proceedings of the 2nd ACM workshop on Quality of protection. ACM : 31~38

[journal] Noel, Steven / 2010 / Measuring security risk of networks using attack graphs / International Journal of Next-Generation Computing 1(1) : 135~147

[confproc] Tupper, Melanie / 2008 / VEAbility security metric: A network security analysis tool / Availability, Reliability and Security, 2008. ARES 08. Third International Conference on. IEEE : 950~957

[confproc] Keramati, Marjan / 2013 / CVSS-based security metrics for quantitative analysis of attack graphs / Computer and Knowledge Engineering (ICCKE), 2013 3th International eConference on. IEEE : 178~183

[journal] Dai, Fangfang / 2015 / Exploring risk flow attack graph for security risk assessment / IET Information Security 9(6) : 344~353

[journal] Singhal, Anoop / 2017 / Security risk analysis of enterprise networks using probabilistic attack graphs / Network Security Metrics : 53~73

[journal] Xie, Lixia / 2013 / Network Security Risk Assessment Based on Attack Graph / Journal of Computers 8(9) : 2339~2347

[journal] Homer, John / 2013 / Aggregating vulnerability metrics in enterprise networks using attack graphs / Journal of Computer Security 21(4) : 561~597

[confproc] Frigault, Marcel / 2008 / Measuring network security using bayesian network-based attack graphs / Annual IEEE International Computer Software and Applications Conference. IEEE : 698~703

[journal] Poolsappasit, Nayot / 2012 / Dynamic security risk management using bayesian attack graphs / IEEE Transactions on Dependable and Secure Computing 9(1) : 61~74

[confproc] Liu, Si-chao / 2016 / Network security risk assessment method based on HMM and attack graph model / 2016 17th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD). IEEE : 517~522

[confproc] Sawilla, Reginald E. / 2008 / Identifying critical attack assets in dependency attack graphs / European Symposium on Research in Computer Security 5283 : 18~34

[journal] Hui, Wang / 2015 / An Approach of Security Risk Evaluation Based on the Bayesian Attack Graph / Open Cybernetics & Systemics Journal 9 : 953~960

[confproc] Noel, Steven / 2014 / Metrics suite for network attack graph analytics / Proceedings of the 9th Annual Cyber and Information Security Research Conference. ACM : 5~8

[confproc] Moon, Young Hoon / 2016 / Hybrid Attack Path Enumeration System Based on Reputation Scores / Computer and Information Technology (CIT), 2016 IEEE International Conference on. IEEE : 241~248

[confproc] Ghosh, Nirnay / 2009 / An approach for security assessment of network configurations using attack graph / Networks and Communications, 2009. NETCOM'09. First International Conference on. IEEE : 283~288

[confproc] Ge, Mengmeng / 2017 / Evaluating Security and Availability of Multiple Redundancy Designs when Applying Security Patches / Dependable Systems and Networks Workshop (DSN-W), 2017 47th Annual IEEE/IFIP International Conference on. IEEE : 53~60

[journal] Singh, Umesh Kumar / 2016 / Quantifying security risk by critical network vulnerabilities assessm ent / International Journal of Computer Applications 156(13) : 26~33

[journal] Zhang, Mengyuan / 2016 / Network diversity: a security metric for evaluating the resilience of networks against zero-day attacks / IEEE Transactions on Information Forensics and Security 11(5) : 1071~1086

[confproc] Jessica Steinberger / 2018 / DDoS defense using MTD and SDN / IEEE Network Operations and Management Symposium 2018 on. IEEE

[confproc] Zhuang, Rui / 2013 / Investigating the application of moving target defenses to network security / Resilient Control Systems (ISRCS), 2013 6th International Symposium on. IEEE : 162~169

[journal] Hong, Jin Bum / 2016 / Assessing the effectiveness of moving target defenses using security models / IEEE Transactions on Dependable and Secure Computing 13(2) : 163~177

[confproc] Chowdhary, Ankur / 2016 / Sdn based scalable mtd solution in cloud network / Proceedings of the 2016 ACM Workshop on Moving Target Defense. ACM : 27~36

[confproc] Yusuf, Simon Enoch / 2016 / Security Modelling and Analysis of Dynamic Enterprise Networks / Computer and Information Technology (CIT), 2016 IEEE International Conference on. IEEE : 249~256

[journal] 문주연 / 2018 / An Attack Graph Model for Dynamic Network Environment / 정보보호학회논문지 / 한국정보보호학회 28(2) : 485~500

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

Survey on the use of security metrics on attack graph

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

Survey on the use of security metrics on attack graph

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (0)

REFERENCES (43) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.