Network security assessment using a semantic reasoning and graph based approach. (November 2017)
- Record Type:
- Journal Article
- Title:
- Network security assessment using a semantic reasoning and graph based approach. (November 2017)
- Main Title:
- Network security assessment using a semantic reasoning and graph based approach
- Authors:
- Wu, Songyang
Zhang, Yong
Cao, Wei - Abstract:
- Highlights: An innovative ontology- and graph-based method for security assessment is proposed. Design an ontology for modelling security concepts and sharing knowledge among agents. Compute full attack graph for quantifying security risk rely on security ontology. Evaluation results show that our method is practical even in a scalable network. Graphical abstract: Abstract: Owing to the high value of business data, sophisticated cyber-attacks targeting enterprise networks have become more prominent, with attackers trying to penetrate deeper into and reach wider from the compromised machines. An important security requirement is that domain experts and network administrators have a common vocabulary to share security knowledge and quickly help each other respond to new threats. We propose an innovative ontology and graph-based approach for security assessment. An ontology is designed to represent security knowledge such as that of assets, vulnerabilities, and attacks in a common form. Using the inference abilities of the ontological model, an efficient system framework is proposed to generate attack graphs and assess network security. The performance of the proposed system is evaluated on test networks of differing sizes and topologies.
- Is Part Of:
- Computers & electrical engineering. Volume 64(2017)
- Journal:
- Computers & electrical engineering
- Issue:
- Volume 64(2017)
- Issue Display:
- Volume 64, Issue 2017 (2017)
- Year:
- 2017
- Volume:
- 64
- Issue:
- 2017
- Issue Sort Value:
- 2017-0064-2017-0000
- Page Start:
- 96
- Page End:
- 109
- Publication Date:
- 2017-11
- Subjects:
- Network security -- Security ontology -- Attack graph -- Semantic reasoning
Computer engineering -- Periodicals
Electrical engineering -- Periodicals
Electrical engineering -- Data processing -- Periodicals
Ordinateurs -- Conception et construction -- Périodiques
Électrotechnique -- Périodiques
Électrotechnique -- Informatique -- Périodiques
Computer engineering
Electrical engineering
Electrical engineering -- Data processing
Periodicals
Electronic journals
621.302854 - Journal URLs:
- http://www.sciencedirect.com/science/journal/00457906/ ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.compeleceng.2017.02.001 ↗
- Languages:
- English
- ISSNs:
- 0045-7906
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.680000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 5401.xml