As known, security system administrators need to be aware of the security risks and abnormal behaviors in a network system. Given the exploitation probability value of each vulnerability, the cumulative probability of an attack path from an attacker to a target node can be quantified and calculated, namely as the K maximum probability attack paths for a target node. It is proposed in this paper a design to compute the K maximum probability attack paths for a given set of target nodes, where available vulnerability sets for each node in the system are built and assigned to different access flags during the computation process of attack paths, aimed at reducing the computation costs. Experimental results show that the proposed design can improve the performance on the computation of the K maximum probability attack paths for a given set of target nodes, promising and more efficient than existing algorithms to generate the attack paths.
File in questo prodotto:
Non ci sono file associati a questo prodotto.