Abstract
The method of analyze the complex protocol vulnerability information from a large number of simple protocol vulnerability information is a tough problem. In this paper, we use attack graph method and construct the protocol vulnerability correlation graph. We also combine the attack target with other information to build the protocol logic attack graph, which is transformed into adjacency matrix. Through the adjacency matrix, we can find and calculate the path of complex attacks and the probability of success and hazard index. The experimental results show that this method can find the correlation among protocol vulnerabilities and can calculate the optimal attack path for protocol vulnerability.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Shi, S.: Research on Formal Verification Methods of Security Protocols. Huazhong University of Science and Technology (2009)
Wang, L., Islam, T., Long, T., Singhal, A., Jajodia, S.: An attack graph-based probabilistic security metric. In: Atluri, V. (ed.) DBSec 2008. LNCS, vol. 5094, pp. 283–296. Springer, Heidelberg (2008). doi:10.1007/978-3-540-70567-3_22
Zhao, C., Wang, H., Lin, J., et al.: A generation method of network security hardening strategy based on attack graphs. Int. J. Web Serv. Res. 12(1), 45–61 (2015)
Keramati, M., Akbari, A., Keramati, M.: CVSS-based security metrics for quantitative analysis of attack graphs. In: International Conference on Computer and Knowledge Engineering, pp. 178–183. IEEE, Piscataway (2013)
Harada, T., Kanaoka, A., Okamoto, E., et al.: Identifying potentially-impacted area by vulnerabilities in networked systems using CVSS. In: 10th International Symposium on Applications and the Internet, pp. 367–370. IEEE, Piscataway (2010)
Holm, H., Ekstedt, M., Andersson, D.: Empirical analysis of system-level vulnerability metrics through actual attacks. IEEE Trans. Dependable Secure Comput. 9(6), 825–837 (2012)
Chen, X., Fang, B., Tan, Q., et al.: Inferring attack intent of malicious insider based on probabilistic attack graph model. Chin. J. Comput. 37(1), 62–72 (2014)
Liu, G., Zhang, H., Li, Q.: Network security optimal attack and defense decision-making method based on game model. J. Nanjing Univ. Sci. Technol. 38(1), 12–21 (2014)
Li, Q., Zhang, L., Zhang, C., Yang, T.: Optimization method for attack graph based on vulnerability exploit correlation. Comput. Eng. 38(21), 129–132 (2012)
Acknowledgement
This work is supported by China Academy of Engineering Physics Project 2014A0403020 and 2015A0403002.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Zhang, C., Wang, S., Zhan, D. (2018). A Protocol Vulnerability Analysis Method Based on Logical Attack Graph. In: Pan, JS., Tsai, PW., Watada, J., Jain, L. (eds) Advances in Intelligent Information Hiding and Multimedia Signal Processing. IIH-MSP 2017. Smart Innovation, Systems and Technologies, vol 82. Springer, Cham. https://doi.org/10.1007/978-3-319-63859-1_38
Download citation
DOI: https://doi.org/10.1007/978-3-319-63859-1_38
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-63858-4
Online ISBN: 978-3-319-63859-1
eBook Packages: EngineeringEngineering (R0)