[vc_empty_space][vc_empty_space]
Network security risk analysis using improved MulVAL bayesian attack graphs
Sembiring J.a, Ramadhan M.a, Gondokaryono Y.S.a, Arman A.A.a
a School of Electrical Engineering and Informatics, Institut Teknologi Bandung, Indonesia
[vc_row][vc_column][vc_row_inner][vc_column_inner][vc_separator css=”.vc_custom_1624529070653{padding-top: 30px !important;padding-bottom: 30px !important;}”][/vc_column_inner][/vc_row_inner][vc_row_inner layout=”boxed”][vc_column_inner width=”3/4″ css=”.vc_custom_1624695412187{border-right-width: 1px !important;border-right-color: #dddddd !important;border-right-style: solid !important;border-radius: 1px !important;}”][vc_empty_space][megatron_heading title=”Abstract” size=”size-sm” text_align=”text-left”][vc_column_text]© 2015, School of Electrical Engineering and Informatics. All rights reserved.This paper presents some improvements on the Multihost Multistage Vulnerability Analysis (MulVAL) framework. MulVAL is a framework to generate an attack graph for analysis of a computer network security risk. In MulVAL, it is assumed that the probability of success in exploiting the machine configuration and vulnerability variable is 100%, and the vulnerability variables are independent of each other. In reality each machine has its own security configuration issue, and vulnerabilities are not independent of each other. Moreover the research in MulVAL attack graph solely focuses on the probability of vulnerability, whereas the probability of vulnerability in security configuration is not covered. In this paper we introduce three methods to improve the MulVAL framework. In the first method we employ Common Vulnerability Scoring System (CVSS) for calculating the probability of vulnerability variables, and Common Configuration Scoring System (CCSS) for calculating the probability of vulnerability of system security configuration. In the second method we introduce the interdependence of vulnerability variables in Bayesian senses. Finally, in the third method we analyze the impact of the change in system security configuration to the probability of vulnerability in the context of Bayesian probability. We analyze and discuss the proposed methods through a simulation for a simple network configuration. The simulation results of the proposed methods demonstrate that the introduction of CVSS, CCSS, employing dependency of vulnerability variables and system security configuration represent a more realistic model for vulnerability in MulVAL framework.[/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”Author keywords” size=”size-sm” text_align=”text-left”][vc_column_text][/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”Indexed keywords” size=”size-sm” text_align=”text-left”][vc_column_text]Attack graph,Bayesian network,CCSS,CVSS,MulVAL,Network security[/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”Funding details” size=”size-sm” text_align=”text-left”][vc_column_text][/vc_column_text][vc_empty_space][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][vc_empty_space][megatron_heading title=”DOI” size=”size-sm” text_align=”text-left”][vc_column_text]https://doi.org/10.15676/ijeei.2015.7.4.15[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/4″][vc_column_text]Widget Plumx[/vc_column_text][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row][vc_column][vc_separator css=”.vc_custom_1624528584150{padding-top: 25px !important;padding-bottom: 25px !important;}”][/vc_column][/vc_row]