The Open Cybernetics & Systemics Journal

2015, 9 : 953-960
Published online 2015 August 31. DOI: 10.2174/1874110X01509010953
Publisher ID: TOCSJ-9-953

An Approach of Security Risk Evaluation Based on the Bayesian Attack Graph

Wang Hui, Chen Fuwang and Wang Yunfeng
College of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, 454000, P.R. China.

ABSTRACT

The evaluation of network risk is a vital task. Nevertheless, there is no approach that considers both the severity of the vulnerabilities and the general status of network security, nor one that can handle the uncertainty that occurs in the process of evaluation. This paper proposes a practical approach named HTV to solve these two problems. First, an algorithm using Bayes' theorem is designed to check the causal dependencies between attack events and their evidence. Then, a model that we call the Bayesian Attack Graph (BAG) is proposed to model the attack events, the vulnerabilities and the attack evidence, so that the vulnerabilities in a system can be identified correctly and effectively. Finally, we adapt a definition, which we call the degree threat of vulnerability (DVT), to quantify the severity of vulnerabilities. Experimental results show that this approach can split the vulnerabilities into various levels, so it can help assess the severity of the vulnerabilities and the general status of network security effectively.

Keywords:

Bayesian attack graph, causal dependencies, severity, uncertainty.