An Attack Graph Based Method for Predictive Risk Evaluation of Zero-Day Attacks
Performing risk assessment of computer networks is inevitable in the process of network hardening. For efficient attack prevention, risk evaluation must be done in an accurate and quantitative manner. Such risk assessment requires a thorough understanding of the causes of attacks, or vulnerabilities, and their related characteristics. One major problem is that there are vulnerabilities that are known to attackers but about which there is no information in databases like NVD (National Vulnerability Database). Such vulnerabilities are referred to as unknown or zero-day attacks. Existing standards like NVD ignore the effect of unknown attacks in risk assessment of computer networks. In this paper, by defining some attack graph based security metrics, we propose an innovative method for risk evaluation of multi-step zero-day attacks. By predicting the intrinsic features of zero-day attacks, the proposed method makes their risk estimation possible. Considering the effect of the temporal features of vulnerabilities makes our approach a dynamic risk estimator.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.