Defense Against Advanced Persistent Threats: Optimal Network Security Hardening Using Multi-stage Maze Network Game

Analyzing attack graphs can provide network security hardening strategies for administrators. Concerning the problems of high time complexity and costly hardening strategies in previous methods, a method for generating low cost network security hardening strategies is proposed based on attack graphs. The authors' method assesses risks of attack paths according to path length and the common vulnerability scoring system, limits search scope with a threshold to reduce the time complexity, and lowers cost of hardening strategies by using a heuristic algorithm. The experimental results show that the authors' method has good scalability, and significantly reduces cost of network security hardening strategies with reasonable running time.

Download Full-text

Towards Safe and Optimal Network Designs Based on Network Security Requirements

2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications ◽

10.1109/trustcom.2012.279 ◽

2012 ◽

Author(s):

Nihel Ben Youssef Ben Souayeh ◽

Adel Bouhoula

Keyword(s):

Network Security ◽

Security Requirements ◽

Optimal Network

Download Full-text

Optimal Network Security Strengthening Using Attack-Defense Game Model

2009 Sixth International Conference on Information Technology: New Generations ◽

10.1109/itng.2009.300 ◽

2009 ◽

Cited By ~ 5

Author(s):

Wei Jiang ◽

Bin-xing Fang ◽

Hong-li Zhang ◽

Zhi-hong Tian ◽

Xin-fang Song

Keyword(s):

Network Security ◽

Game Model ◽

Optimal Network

Download Full-text

Diversity-aware, Cost-effective Network Security Hardening Using Attack Graph

Communications in Computer and Information Science - Security in Computing and Communications ◽

10.1007/978-981-10-6898-0_1 ◽

2017 ◽

pp. 1-15

Author(s):

M. A. Jabbar ◽

Ghanshyam S. Bopche ◽

B. L. Deekshatulu ◽

B. M. Mehtre

Keyword(s):

Network Security ◽

Cost Effective ◽

Attack Graph ◽

Security Hardening ◽

Effective Network

Download Full-text

A multi-stage game approach applied to network security risk controlling

2017 IEEE 2nd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC) ◽

10.1109/iaeac.2017.8054477 ◽

2017 ◽

Author(s):

Tao Li ◽

Jin-dong Wang ◽

Yu Chen ◽

Na Wang

Keyword(s):

Network Security ◽

Security Risk ◽

Multi Stage ◽

Stage Game ◽

Risk Controlling

Download Full-text

Network Security Situation Awareness Based on Phishing Detection

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.644-650.2784 ◽

2014 ◽

Vol 644-650 ◽

pp. 2784-2787

Author(s):

Jian Yi Zhang ◽

Cheng Gen Song ◽

Xin Jin

Keyword(s):

Machine Learning ◽

Network Security ◽

Situation Awareness ◽

High Accuracy ◽

Statistical Machine Learning ◽

Advanced Persistent Threats ◽

Learning Classifier ◽

Phishing Detection

In this paper, we introduce a statistical machine learning classifier and a LSH page similarity detector as the network security situation awareness mechanism to detect the spear phishing that has been widely used in the Advanced Persistent Threats. Then, a number of comprehensive experiments show that our proposed method achieves high accuracy over a balanced dataset. The accuracy is no less than 92% while the recall is more than 97%.

Download Full-text