Master of Science / Department of Computing and Information Sciences / William H. Hsu / Xinming (Simon) Ou / To prevent large networks from potential security threats, network administrators need
to know in advance what components of their networks are under high security risk. One
way to obtain this knowledge is via attack graphs. Various types of attack graphs based on
miscellaneous techniques has been proposed. However, attack graphs can only make
assertion about different paths that an attacker can take to compromise the network. This
information is just half the solution in securing a particular network. Network administrators
need to analyze an attack graph to be able to identify the associated risk. Provided that
attack graphs can get very large in size, it would be very difficult for them to perform the
task. In this thesis, I provide a security risk prioritization algorithm to rank logical attack
graphs produced by MulVAL (A vulnerability analysis system) . My proposed method
(called StepRank) is based on a previously published algorithm called AssetRank that
generalizes over Google's PageRank algorithm. StepRank considers a forward attack
graph that is a reversed version of the original MulVAL attack graph used by AssetRank.
The result of the ranking algorithm is a rank value for each node that is relative to every
other rank value and shows how difficult it is for an attacker to satisfy a node.
| Identifer | oai:union.ndltd.org:KSU/oai:krex.k-state.edu:2097/1114 |
| Date | January 1900 |
| Creators | Almohri, Hussain |
| Publisher | Kansas State University |
| Source Sets | K-State Research Exchange |
| Language | en_US |
| Detected Language | English |
| Type | Thesis |
Page generated in 0.0016 seconds