The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The intrinsically secure communications graph (iS-graph) is a random graph which captures the connections that can be securely established over a large-scale network, in the presence of eavesdroppers. It is based on principles of information-theoretic security, widely accepted as the strictest notion of security. In this paper, we are interested in characterizing the global properties of the iS-graph...
To protect our networks against malicious intrusions, we need to evaluate these networks security. Previous works on attack graphs have provided meaningful conclusions on security measurement. However, large attack graphs are still hard to be understood vividly, and few suggestions have been proposed to prevent inside malicious attackers from attacking networks. To address these problems, we propose...
A threat situation analytical method based on the network graph theory model was presented. In this method, the attack cost of adjacent nodes and the calculating formula for its effectiveness value were defined, as well as the method to calculate the maximum threat path and node. It analysis the threat level of the target node and the threat path of a local area network. The results indicated that:...
In this paper, we focus on formal analysis of SET Registration protocol and in order to prove it satisfies two security properties, that is, authentication and secrecy, reasonable method Strand Space is used. First, we describe SET Registration protocol in strand space formula and construct their bundles in graph mode. Second, we formalize the goals to be proved. Third, we use minimal element to prove...
Attack graph plays an important role in network security, as it directly shows the existence of vulnerabilities in network and how attackers use these vulnerabilities to implement an effective attack, the analysis on the attack graph or the simulation of dynamic attacks through attack graph can help us easily find out the vulnerabilities in network, and take corresponding security measures, in order...
In order to assess the security of network information system, many graph-based approaches have been proposed. Attack Graph is the most influential one. But attack graphs grow exponentially with the size of the network. In this paper, we propose an improved access graph based model to analyze network security. As a complement to the attack graph approach, the access graph is host-centric approach,...
All current vulnerability assessment tools only can locate individual vulnerabilities on a single host without considering correlated effect of these vulnerabilities. Aiming at this issue, this paper proposes a method of generating attack graph based on privilege escalation. The vulnerabilities and known attacks with their prerequisites and consequences are modeled based on predicate logic theory...
Going beyond vulnerability scanning tools that make lists of known vulnerabilities locating on given individual hosts, attack graphs identify all possible attack paths that end in a state where an attacker has successfully achieved his goal. But the algorithmic complexity grows exponential in the size of the network. The access graph is proposed as a complement to the attack graph approach which is...
Configuring firewalls is a difficult task. The reason is that the effects of firewall rules cannot be seen during the configuration time. As a result, errors and loopholes in firewall rules are discovered only at the run time and they often cause attacks. In this paper, we develop a graph-based method for analyzing firewall rules with services. Our new model provides advantages over all existing methods...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.