Abstract
With the increasingly extensive applications of the network, the security of internal network of enterprises is facing more and more threats from the outside world, which implies the importance to master the network risk assessment skills. In the big data era, there are various security protection techniques and different types of group data. Meanwhile, Online Social Networks (OSNs) and Social Internet of Things (SIoT) are becoming popular patterns of meeting people and keeping in touch with friends [2, 5]. However, risk assessment, as a bridge between security experts and network administrators, to some extent, whose accuracy can influence the judgment of administrators to the entire network state. In order to solve this problem, this essay proposes the improved MulVAL framework to optimize the risk assessment process by establishing the HMM model and the Bayesian model, which can improve the accuracy of the evaluation value. Firstly, behavior of the attacker is described in-depth by the attack graph generated through MulVAL. Then, with the quantitative evaluation conducted by the Common Vulnerability Scoring System, the nodes on the attack path can will be evaluated and the value will be further evaluated by the Bayesian model. Finally, by establishing the hidden Markov model, the corresponding parameters can be defined and the most likely probabilistic state transition sequence can be calculated by using the Viterbi algorithm to deduce the attack intent with the highest possibility.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Feng, P., Lian, Y., Dai, Y.: A vulnerability model of distributed systems based on reliability theory. J. Softw. 17(7), 1633–1640 (2006)
Jiang, W., Wang, G., Bhuiyan, M.Z.A., Wu, J.: Understanding graph-based trust evaluation in online social networks: methodologies and challenges. ACM Comput. Surv. 49, 10:1–10:35 (2016)
Li, Y., Wang, G., Nie, L., Wang, Q.: Collaborative target tracking in wireless sensor networks. J. Ad Hoc Sens. Wirel. Netw. 23, 117–135 (2014)
Wang, L., Singhal, A., Jajodia, S.: Toward measuring network security using attack graphs. In: Proceedings of the 3rd International Workshop on Quality of Protection (QoP), pp. 49–54 (2007)
Shen, J., Zhou, T., Wei, F., Sun, X., Xiang, Y.: Privacy-preserving and lightweight key agreement protocol for V2G in the social Internet of Things. IEEE Internet Things J. (2017). https://doi.org/10.1109/JIOT.2017.2775248
Wang, L., Islam, T., Long, T., Singhal, A., Jajodia, S.: An attack graph-based probabilistic security metric. In: Atluri, V. (ed.) DBSec 2008. LNCS, vol. 5094, pp. 283–296. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-70567-3_22
Xing, X., Xie, D., Wang, G.: Energy-balanced data gathering and aggregating in WSNs: a compressed sensing scheme. Int. J. Distrib. Sens. Netw. 2015, 1–10 (2015)
Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), pp. 336–345 (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Wang, C., Li, K., Tian, Y., He, X. (2019). Network Risk Assessment Based on Improved MulVAL Framework and HMM. In: Li, J., Liu, Z., Peng, H. (eds) Security and Privacy in New Computing Environments. SPNCE 2019. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 284. Springer, Cham. https://doi.org/10.1007/978-3-030-21373-2_22
Download citation
DOI: https://doi.org/10.1007/978-3-030-21373-2_22
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-21372-5
Online ISBN: 978-3-030-21373-2
eBook Packages: Computer ScienceComputer Science (R0)