Algorithm with Quality-Runtime Tradeoff Parameter for Attack Policy in Attack Graphs for Network Security
نویسندگان
چکیده
Finding the optimal policy in the attack graph is known to be an NP-hard problem. Correlated Stackelberg Equilibrium (CSE) approximates Strong Stackelberg Equilibrium (SSE), which finds the optimal policy profile for two players, a defender and an attacker. This thesis investigates the application of iterative algorithms to reduce the computation time of CSE algorithm. Iterative algorithms allow improving lower bound to the optimal attack policy. It can be used to direct exploration of the attack graph and by that to reduce the complexity of the searching space. Proposed techniques look for a tradeoff parameter between algorithm’s quality and its runtime.
منابع مشابه
A particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs
To prevent an exploit, the security analyst must implement a suitable countermeasure. In this paper, we consider cost-sensitive attack graphs (CAGs) for network vulnerability analysis. In these attack graphs, a weight is assigned to each countermeasure to represent the cost of its implementation. There may be multiple countermeasures with different weights for preventing a single exploit. Also,...
متن کاملAn Ant Colony Optimization Algorithm for Network Vulnerability Analysis
Intruders often combine exploits against multiple vulnerabilities in order to break into the system. Each attack scenario is a sequence of exploits launched by an intruder that leads to an undesirable state such as access to a database, service disruption, etc. The collection of possible attack scenarios in a computer network can be represented by a directed graph, called network attack gra...
متن کاملSecuring AODV routing protocol against the black hole attack using Firefly algorithm
Mobile ad hoc networks are networks composed of wireless devices to create a network with the ability for self-organization. These networks are designed as a new generation of computer networks to satisfy some specific requirements and with features different from wired networks. These networks have no fixed communication infrastructure and for communication with other nodes the intermediate no...
متن کاملA Mechanism for Detecting and Identifying DoS attack in VANET
VANET (Vehicular Ad-hoc Network) which is a hy- brid network (combination of infrastructure and infra- structure-less networks) is an emergent technology with promising future as well as great challenges especially in security. By the other hand this type of network is very sensible to safety problem. This paper focuses on a new mechanism for DoS (denial of service) attacks on the physical and ...
متن کاملA Mechanism for Detecting and Identifying DoS attack in VANET
VANET (Vehicular Ad-hoc Network) which is a hy- brid network (combination of infrastructure and infra- structure-less networks) is an emergent technology with promising future as well as great challenges especially in security. By the other hand this type of network is very sensible to safety problem. This paper focuses on a new mechanism for DoS (denial of service) attacks on the physical and ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2016