Security risk prioritization for logical attack graphs
| dc.contributor.author | Almohri, Hussain | |
| dc.date.accessioned | 2008-12-22T14:40:57Z | |
| dc.date.available | 2008-12-22T14:40:57Z | |
| dc.date.graduationmonth | December | |
| dc.date.issued | 2008-12-22T14:40:57Z | |
| dc.date.published | 2008 | |
| dc.description.abstract | To prevent large networks from potential security threats, network administrators need to know in advance what components of their networks are under high security risk. One way to obtain this knowledge is via attack graphs. Various types of attack graphs based on miscellaneous techniques has been proposed. However, attack graphs can only make assertion about different paths that an attacker can take to compromise the network. This information is just half the solution in securing a particular network. Network administrators need to analyze an attack graph to be able to identify the associated risk. Provided that attack graphs can get very large in size, it would be very difficult for them to perform the task. In this thesis, I provide a security risk prioritization algorithm to rank logical attack graphs produced by MulVAL (A vulnerability analysis system) . My proposed method (called StepRank) is based on a previously published algorithm called AssetRank that generalizes over Google's PageRank algorithm. StepRank considers a forward attack graph that is a reversed version of the original MulVAL attack graph used by AssetRank. The result of the ranking algorithm is a rank value for each node that is relative to every other rank value and shows how difficult it is for an attacker to satisfy a node. | |
| dc.description.advisor | William H. Hsu | |
| dc.description.advisor | Xinming (Simon) Ou | |
| dc.description.degree | Master of Science | |
| dc.description.department | Department of Computing and Information Sciences | |
| dc.description.level | Masters | |
| dc.identifier.uri | http://hdl.handle.net/2097/1114 | |
| dc.language.iso | en_US | |
| dc.publisher | Kansas State University | |
| dc.rights | © the author. This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). | |
| dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ | |
| dc.subject | Computer Security | |
| dc.subject | Network Security | |
| dc.subject.umi | Computer Science (0984) | |
| dc.title | Security risk prioritization for logical attack graphs | |
| dc.type | Thesis |
