
Proceedings Paper

Real-time network security situation visualization and threat assessment based on semi-Markov process
Author(s): Junhua Chen

Paper Abstract

To cope with the large amount of data in current sensed environments, decision aid tools should provide their understanding of situations in a time-efficient manner, so there is an increasing need for real-time network security situation awareness and threat assessment. In this study, a state transition model of vulnerabilities in the network, based on a semi-Markov process, is first proposed. Once events are triggered by an attacker’s action or a system response, the current states of the vulnerabilities are known. We then calculate the transition probabilities of the vulnerability from the current state to the security failure state. Furthermore, to improve the accuracy of our algorithms, we adjust the probabilities that attackers exploit the vulnerability according to the attacker’s skill level. In light of the preconditions and post-conditions of the vulnerabilities in the network, an attack graph is built to visualize the security situation in real time. Subsequently, we predict the attack path, recognize the attack intention and estimate the impact through analysis of the attack graph. These help administrators gain insight into intrusion steps, determine the security state and assess threats. Finally, testing in a network shows that this method is reasonable and feasible, and can undertake tremendous analysis tasks to facilitate administrators’ work.

Paper Details

Date Published: 13 March 2013
PDF: 9 pages
Proc. SPIE 8784, Fifth International Conference on Machine Vision (ICMV 2012): Algorithms, Pattern Recognition, and Basic Technologies, 87840A (13 March 2013); doi: 10.1117/12.2013675
Junhua Chen, Yunnan Nationalities Univ. (China)


Published in SPIE Proceedings Vol. 8784:
Fifth International Conference on Machine Vision (ICMV 2012): Algorithms, Pattern Recognition, and Basic Technologies
Yulin Wang; Liansheng Tan; Jianhong Zhou, Editor(s)

© SPIE.