A Novel Security Model for Risk Assessment of Multi-Step Attacks in Computer Networks
Risk Assessment and Management have always been considered as one of the most challenging issues of each organization. Risk assessment would not be possible but by risk analysis of the existing vulnerabilities. Vulnerability prioritization makes it possible for security administrators to have better understanding of the infrastructure. So they would be able to find the most perilous vulnerabilities to bring cost benefit trade off into practice. Nowadays most of the attacks are the multi-step ones, in which, attacker exploits more than one vulnerability in a specified manner. So, it would be inevitable to consider the interaction of vulnerabilities for risk assessment. In this relation, the most sophisticated difficulty would be lack of standards for finding the interrelationship between vast amount of vulnerabilities and risk analysis is being done only for one step attacks. So, in this paper, a method have been introduced for risk assessment of Multi-step attacks which improves the accuracy of the existing vulnerability scoring systems.
- حق عضویت دریافتی صرف حمایت از نشریات عضو و نگهداری، تکمیل و توسعه مگیران میشود.
- پرداخت حق اشتراک و دانلود مقالات اجازه بازنشر آن در سایر رسانههای چاپی و دیجیتال را به کاربر نمیدهد.