Network risk management using attacker profiling

  • Dantu R
  • Kolan P
  • Cangussu J
  • 15

    Readers

    Mendeley users who have this article in their library.
  • N/A

    Citations

    Citations of this article.

Abstract

Risk management refers to the process of making decisions that minimize the effects of vulnerabilities on the network hosts. This can be a difficult task in the context of high-exploit probability and the difficult to identify new exploits and vulnerabilities. For many years, security engineers have performed risk analysis using economicmodels for the design and operation of risk-prone, technological systems using attack profiles. Based on the type of attacker identified, security administrators can formulate effective risk management policies for a network.We hypothesize that sequence of network actions by an attacker depends on the social behavior (e.g., skill level, tenacity, financial ability). We extended this and formulated a mechanism to estimate the risk level of critical resources that may be compromised based on attacker behavior. This estimation is accomplished using behavior based attack graphs representing all the possible attack paths to all the critical resources. The risk level is computed based on these graphs and are used as a measure of the vulnerability of the resource and forming an effective basis for a system administrator to perform suitable changes to network configuratio

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in

Find this document

Authors

  • Ram Dantu

  • Prakash Kolan

  • João Cangussu

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free