kth.sePublikationer KTH
EnglishSvenskaNorsk
Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
DefenceRank - Ranking Based Attack Graph Analysis and Defence Prioritization
KTH, Skolan för elektroteknik och datavetenskap (EECS), Datavetenskap, Nätverk och systemteknik.ORCID-id: 0000-0003-0479-6766
KTH, Skolan för teknikvetenskap (SCI), Matematik (Inst.), Matematik (Avd.).
KTH, Skolan för elektroteknik och datavetenskap (EECS), Datavetenskap, Nätverk och systemteknik.ORCID-id: 0000-0002-2764-8099
2024 (Engelska)Ingår i: 2024 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE, CSR, Institute of Electrical and Electronics Engineers (IEEE), 2024, s. 466-473Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Cyberinfrastructures are becoming larger and more complex, and it is increasingly challenging to assess for potential attacks and activate the appropriate defences. Attack graphs have been proven as a promising tool for risk assessment, but they also face the challenge of scalability. This paper proposes DefenceRank, an adaptation of Google's PageRank algorithm, to analyze large attack graphs and prioritize defences with low complexity. It incorporates the difficulty of the attack steps through the time-to-compromise parameter, the capabilities of the attack steps and the vulnerability of the assets. The proposed DefenceRank is evaluated on various realistic attack graphs. The results show that it achieves a reasonably high level of accuracy compared to optimal defence selection, while its time complexity increases polynomially with the size of the attack graph and remains in the order of seconds even for very large graphs and a large set of defences. In conclusion, DefenceRank demonstrates a viable alternative for the security assessment of cyberinfrastructures represented by attack graphs.
Ort, förlag, år, upplaga, sidor
Institute of Electrical and Electronics Engineers (IEEE), 2024. s. 466-473
Nationell ämneskategori
Elektroteknik och elektronik
Identifikatorer
URN: urn:nbn:se:kth:diva-356460DOI: 10.1109/CSR61664.2024.10679390ISI: 001327167900070Scopus ID: 2-s2.0-85206202681OAI: oai:DiVA.org:kth-356460DiVA, id: diva2:1914457
Konferens
4th IEEE Annual International Conference on Cyber Security and Resilience (IEEE CSR), SEP 02-04, 2024, London, ENGLAND
Anmärkning

QC 20241119

Part of ISBN 979-8-3503-7536-7

Tillgänglig från: 2024-11-19 Skapad: 2024-11-19 Senast uppdaterad: 2024-11-19Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Övriga länkar

Förlagets fulltextScopus

Person

Fodor, Viktória

Sök vidare i DiVA

Av författaren/redaktören
Patil, Rajendra ShivajiKällman, IsakFodor, Viktória
Av organisationen
Nätverk och systemteknikMatematik (Avd.)
Elektroteknik och elektronik

Sök vidare utanför DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetricpoäng

doi
urn-nbn
Totalt: 69 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
KTH Bibliotek
|
DiVA support
|
Registrera i DiVA
|
Spikning av avhandling
|
SwePub
|
Om öppen tillgång