• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Using Genetic Algorithm for Optimal Security Hardening in Risk Flow Attack Graph

Vol. 9, No. 5, May 30, 2015
10.3837/tiis.2015.05.021, Download Paper (Free):

Abstract

Network environment has been under constant threat from both malicious attackers and inherent vulnerabilities of network infrastructure. Existence of such threats calls for exhaustive vulnerability analyzing to guarantee a secure system. However, due to the diversity of security hazards, analysts have to select from massive alternative hardening strategies, which is laborious and time-consuming. In this paper, we develop an approach to seek for possible hardening strategies and prioritize them to help security analysts to handle the optimal ones. In particular, we apply a Risk Flow Attack Graph (RFAG) to represent network situation and attack scenarios, and analyze them to measure network risk. We also employ a multi-objective genetic algorithm to infer the priority of hardening strategies automatically. Finally, we present some numerical results to show the performance of prioritizing strategies by network risk and hardening cost and illustrate the application of optimal hardening strategy set in typical cases. Our novel approach provides a promising new direction for network and vulnerability analysis to take proper precautions to reduce network risk.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
F. Dai, K. Zheng, Binwu and S. Luo, "Using Genetic Algorithm for Optimal Security Hardening in Risk Flow Attack Graph," KSII Transactions on Internet and Information Systems, vol. 9, no. 5, pp. 1920-1937, 2015. DOI: 10.3837/tiis.2015.05.021.

[ACM Style]
Fangfang Dai, Kangfeng Zheng, Binwu, and Shoushan Luo. 2015. Using Genetic Algorithm for Optimal Security Hardening in Risk Flow Attack Graph. KSII Transactions on Internet and Information Systems, 9, 5, (2015), 1920-1937. DOI: 10.3837/tiis.2015.05.021.