Optimal Security Protection Selection Strategy Based on Markov Model Attack Graph

2021 ◽ Vol 2132 (1) ◽ pp. 012020
Author(s): Jinwei Yang ◽ Yu Yang

Abstract: Intrusion intent and path prediction are important for security administrators to gain insight into the possible threat behavior of attackers. Existing research has mainly focused on path prediction in ideal attack scenarios, yet the ideal attack path is not always the real path taken by an intruder. To predict the path information of a network intrusion accurately and comprehensively, a multi-step attack path prediction method based on absorbing Markov chains is proposed. First, a node state transfer probability normalization algorithm is designed using the memoryless and absorbing properties of state transfer in an absorbing Markov chain, and it is proved that the complete attack graph can correspond to an absorbing Markov chain. The economic indexes of protection cost and attack benefit and the index quantification method are then constructed, and an optimal security protection policy selection algorithm based on the particle swarm algorithm is proposed. Finally, we experimentally verify the feasibility and effectiveness of the model in protection policy decision-making, which can effectively reduce network security risks and provide more security protection guidance for timely response to network attack threats.

2018 ◽ Vol 2018 ◽ pp. 1-13
Author(s): Hao Hu ◽ Yuling Liu ◽ Yingjie Yang ◽ Hongqi Zhang ◽ Yuchen Zhang

The attack graph (AG) is an abstraction technique that reveals the ways an attacker can use to leverage vulnerabilities in a given network to violate security policies. The analyses developed to extract security-relevant properties are referred to as AG-based security evaluations. In recent years, many evaluation approaches have been explored. However, they are generally limited to the attacker’s “monotonicity” assumption, which needs further improvements to overcome the limitation. To address this issue, the stochastic mathematical model called absorbing Markov chain (AMC) is applied over the AG to give some new insights, namely, the expected success probability of attack intention (EAIP) and the expected attack path length (EAPL). Our evaluations provide the preferred mitigating target hosts and the vulnerabilities patching prioritization of middle hosts. Tests on the public datasets DARPA2000 and Defcon’s CTF23 both verify that our evaluations are available and reliable.


2021 ◽ Vol 2021 ◽ pp. 1-15
Author(s): Yazhuo Gao ◽ Guomin Zhang ◽ Changyou Xing

As an important deception defense method, a honeypot can be used to enhance the network’s active defense capability effectively. However, the existing rigid deployment method makes it difficult to deal with the uncertain strategic attack behaviors of the attackers. To solve such a problem, we propose a multiphase dynamic deployment mechanism of virtualized honeypots (MD2VH) based on the intelligent attack path prediction method. MD2VH depicts the attack and defense characteristics of both attackers and defenders through the Bayesian state attack graph, establishes a multiphase dynamic deployment optimization model of the virtualized honeypots based on the extended Markov’s decision-making process, and generates the deployment strategies dynamically by combining the online and offline reinforcement learning methods. Besides, we also implement a prototype system based on software-defined network and virtualization container, so as to evaluate the effectiveness of MD2VH. Experimental results show that the capture rate of MD2VH is maintained at about 90% in the case of both simple topology and complex topology. Compared with the simple intelligent deployment strategy, such a metric is increased by 20% to 60%, and the result is more stable under different types of the attacker’s strategy.


2014 ◽ Vol 1079-1080 ◽ pp. 816-819
Author(s): Yuan Qin

With the development of computer networks and the rapid popularity of the Internet, network information security has become the focus of safeguarding national security and social stability. In a network security event, the hacker often can’t successfully intrude into the network by means of a single host / services hacker. With the help of various kinds of "vulnerability" generated by different relationships existing in multiple points and multiple hosts, the hacker can achieve the purpose of network intrusion. Therefore, one important aspect of network security is, after obtaining the vulnerability of the network information, considering a combination of multiple exploits and analyzing the attack path of network penetration attacks that the attacker may take.


1978 ◽ Vol 15 (1) ◽ pp. 65-77
Author(s): Anthony G. Pakes

This paper develops the notion of the limiting age of an absorbing Markov chain, conditional on the present state. Chains with a single absorbing state {0} are considered and with such a chain can be associated a return chain, obtained by restarting the original chain at a fixed state after each absorption. The limiting age, A(j), is the weak limit of the time given Xn = j (n → ∞). A criterion for the existence of this limit is given and this is shown to be fulfilled in the case of the return chains constructed from the Galton–Watson process and the left-continuous random walk. Limit theorems for A(j) (j → ∞) are given for these examples.


2012 ◽ Vol 239-240 ◽ pp. 1511-1515
Author(s): Jing Jiang ◽ Li Dong Meng ◽ Xiu Mei Xu

The study on convergence of GA is always one of the most important theoretical issues. This paper analyses the sufficient condition which guarantees the convergence of GA. Via analyzing the convergence rate of GA, the average computational complexity can be implied and the optimization efficiency of GA can be judged. This paper proposes the approach to calculating the first expected hitting time and analyzes the bounds of the first hitting time of concrete GA using the proposed approach.

