A comprehensive approach for network attack forecasting. Issue 58 (May 2016)
- Record Type:
- Journal Article
- Title:
- A comprehensive approach for network attack forecasting. Issue 58 (May 2016)
- Main Title:
- A comprehensive approach for network attack forecasting
- Authors:
- GhasemiGol, Mohammad
Ghaemi-Bafghi, Abbas
Takabi, Hassan
- Abstract:
- Highlights: We modify the attack graph to handle the uncertainty of attack probabilities. We analyze the IDS alerts and intrusion responses to update the attack probabilities. We define a forecasting attack graph to predict future attacks. The forecasting attack graph provides a high-level insight into the network security.
Abstract: Forecasting future attacks is a big challenge for network administrators because future is generally unknown. Nevertheless, some information about the future can help us make better decisions in present time. Attack graph is the most well-known tool for risk assessment and attack prediction. However, it only provides static information about probability of vulnerability exploitation, which is not reliable for predicting the future. Moreover, attack graph does not consider the uncertainty of probabilities. Therefore, the primary goal of this paper is to present an attack forecasting approach that can predict future network attacks with more precision and dynamically adapts to changes in the environment. Our proposed approach handles the uncertainty of attack probabilities and uses additional information, such as intrusion alerts, active responses, and dependency graph in the forecasting process. Experiments show that size and complexity of the proposed forecasting attack graph makes it suitable for predicting future attacks even in large-scale networks.
- Is Part Of:
- Computers & security. Issue 58(2016)
- Journal:
- Computers & security
- Issue:
- Issue 58(2016)
- Issue Display:
- Volume 58, Issue 58 (2016)
- Year:
- 2016
- Volume:
- 58
- Issue:
- 58
- Issue Sort Value:
- 2016-0058-0058-0000
- Page Start:
- 83
- Page End:
- 105
- Publication Date:
- 2016-05
- Subjects:
- Network attack forecasting -- Uncertainty-aware attack graph -- Dependency graph -- Intrusion alerts -- Intrusion response
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.cose.2015.11.005
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 1803.xml