Search in ISMS Guides


Thursday, November 15, 2007

[PDF] Analyzing Network Security using Malefactor Action Graphs

The approach to network security analysis is suggested. It is based on simulation of malefactor’s behavior, generating attack graph and calculating different security metrics. The graph represents all possible attack scenarios taking into account network configuration, security policy, malefactor’s location, knowledge level and strategy. The security metrics describe computer network security at different levels of detail and take into account various aspects of security. The generalized architecture of security analysis system is presented. Attack scenarios model, common attack graph building procedures, used security metrics, and general security level evaluation are defined. The implemented version of security analysis system is described, and examples of express-evaluations of security level are considered.

Read This Paper :

No comments: