JETIREXPLORE- Search Thousands of research papers



Published in:

Volume 2 Issue 1
January-2015
eISSN: 2349-5162

Unique Identifier

JETIR1501003

Page Number

13-21

Share This Article


Title

Placement of Sensor using Attack Graph

ISSN

2349-5162

Cite This Article

"Placement of Sensor using Attack Graph", International Journal of Emerging Technologies and Innovative Research (www.jetir.org), ISSN:2349-5162, Vol.2, Issue 1, page no.13-21, January-2015, Available :http://www.jetir.org/papers/JETIR1501003.pdf

Abstract

Attack graphs are useful for network defenders, illustrating paths an attacker can use to gain access to a targeted network. Defenders can then focus their efforts on patching the vulnerabilities and configuration errors thatallow the attackers the greatest amount of access.We describe the optimal placement of intrusion detection system (IDS) sensors andprioritization of IDS alarms, using attack graph analysis. Our attack graphs predict the various possible ways of penetrating a network to reach critical assets. .We have created a new type of attack graph, the multiple-prerequisitegraph, and that scales nearly linearly as the size of a typical network increases. We have built a prototype system usingthis graph type. In particular, automated analysis of network configuration and attacker exploits provides an attack graph showing all possiblepaths to critical assets. We then place IDS sensors to cover all these paths, using the fewestnumber of sensorsthe prototype uses readily available source data to automatically compute network reachability, classify vulnerabilities, build the graph, and recommend actions to improve network security.Then, through our predictive vulnerability-based attack graphs, weprioritize IDS alarms based on their level of threat (attack graph distance) to critical assets. The predictive power of our attack graphs then provides the necessary context for appropriate attack response.We have tested the prototype on an operational network with over 180 nodes, where it helped to discover a previously unknown configuration error.

Key Words

IDS,MOGA

Cite This Article

"Placement of Sensor using Attack Graph", International Journal of Emerging Technologies and Innovative Research (www.jetir.org | UGC and issn Approved), ISSN:2349-5162, Vol.2, Issue 1, page no. pp13-21, January-2015, Available at : http://www.jetir.org/papers/JETIR1501003.pdf

Publication Details

Published Paper ID: JETIR1501003
Registration ID: 150004
Published In: Volume 2 | Issue 1 | Year January-2015
DOI (Digital Object Identifier):
Page No: 13-21
ISSN Number: 2349-5162

Download Paper

Preview Article

Download Paper




Cite This Article

"Placement of Sensor using Attack Graph", International Journal of Emerging Technologies and Innovative Research (www.jetir.org | UGC and issn Approved), ISSN:2349-5162, Vol.2, Issue 1, page no. pp13-21, January-2015, Available at : http://www.jetir.org/papers/JETIR1501003.pdf




Preview This Article


Downlaod

Click here for Article Preview