Institutional Repository
    • Türkçe
    • English
  • English 
    • Türkçe
    • English
  • Login
View Item 
  •   University of Economics & Technology Repository
  • Akademik Arşiv / Institutional Repository
  • Mühendislik Fakültesi / Faculty of Engineering
  • Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering
  • View Item
  •   University of Economics & Technology Repository
  • Akademik Arşiv / Institutional Repository
  • Mühendislik Fakültesi / Faculty of Engineering
  • Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Automated generation of attack graphs using NVD

Thumbnail
Date
2018
Author
Aksu, M. Ugur
Bıçakcı, Kemal
Dilek, M.H.
Özbayoğlu, Ahmet Murat
Tatlı, E.İ.
Metadata
Show full item record
Abstract
Today’s computer networks are prone to sophisticated multi-step, multi-host attacks. Common approaches of identifying vulnerabilities and analyzing the security of such networks with naive methods such as counting the number of vulnerabilities, or examining the vulnerabilities independently produces incomprehensive and limited security assessment results. On the other hand, attack graphs generated from the identified vulnerabilities at a network illustrate security risks via attack paths that are not apparent with the results of the primitive approaches. One common technique of generating attack graphs requires well established definitions and data of prerequisites and postconditions for the known vulnerabilities. A number of works suggest prerequisite and postcondition categorization schemes for software vulnerabilities. However, generating them in an automated way is an open issue. In this paper, we first define a model that evolves over the previous works to depict the requirements of exploiting vulnerabilities for generating attack graphs. Then we describe and compare the results of two different novel approaches (rule-based and machine learning-employed) that we propose for generating attacker privilege fields as prerequisites and postconditions from the National Vulnerability Database (NVD) in an automated way. We observe that prerequisite and postcondition privileges can be generated with overall accuracy rates of 88,8 % and 95,7 % with rule-based and machine learning-employed (Multilayer Perceptron) models respectively.
URI
https://dl.acm.org/citation.cfm?doid=3176258.3176339
http://hdl.handle.net/20.500.11851/1958
Collections
  • Bilgisayar Mühendisliği Bölümü / Department of Computer Engineering

DSpace software copyright © 2002-2016  DuraSpace
Contact Us | Send Feedback
Theme by 
Atmire NV
 

 




by OpenAIRE

Browse

All of RepositoryCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsBy Submit DateBy TypeKapsamWOSScopusPubMedTR-DizinAvrupa Birliği Destekli Yayın SayısıTÜBİTAK Destekli Yayın SayısıDilErişimThis CollectionBy Issue DateAuthorsTitlesSubjectsBy Submit DateBy TypeKapsamWOSScopusPubMedTR-DizinAvrupa Birliği Destekli Yayın SayısıTÜBİTAK Destekli Yayın SayısıDilErişim

My Account

LoginRegister

DSpace software copyright © 2002-2016  DuraSpace
Contact Us | Send Feedback
Theme by 
Atmire NV
 

 


Creative Commons License
Institutional Repository by TOBB ETU Institutional Repository is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License..

Institutional Repository:



TOBB ETU için Devinim Yazılım Eğitim Danışmanlık tarafından özelleştirilerek kurulmuştur.