Automated Attack Path Enumeration Method based on System Vulnerabilities Analysis

Ji Hong Kim; Huy Kang Kim

Automated Attack Path Enumeration Method based on System Vulnerabilities Analysis

Ji Hong Kim

Huy Kang Kim

Vol. 22, No. 5, pp. 1079-1090, Oct. 2012

10.13089/JKIISC.2012.22.5.1079, Full Text:

Keywords: Network Security, Attack Graph, System Vulnerability Evaluation
Abstract

As the number of information asset and their vulnerabilities are increasing, it becomes more difficult for network security administrators to assess security vulnerability of their system and network. There are several researches for vulnerability analysis based on quantitative approach. However, most of them are based on experts' subjective evaluation or they require a lot of manual input for deriving quantitative assessment results. In this paper, we propose HRMS(Hacking and Response Measurement System) for enumerating attack path using automated vulnerability measurement automatically. HRMS can estimate exploitability of systems or applications based on their known vulnerability assessment metric, and enumerate attack path even though system, network and application's information are not fully given for vulnerability assessment. With this proposed method, system administrators can do proactive security vulnerability assessment.

Statistics

Show / Hide Statistics

Cite this article

[IEEE Style]

J. H. Kim and H. K. Kim, "Automated Attack Path Enumeration Method based on System Vulnerabilities Analysis," Journal of The Korea Institute of Information Security and Cryptology, vol. 22, no. 5, pp. 1079-1090, 2012. DOI: 10.13089/JKIISC.2012.22.5.1079.

[ACM Style]

Ji Hong Kim and Huy Kang Kim. 2012. Automated Attack Path Enumeration Method based on System Vulnerabilities Analysis. Journal of The Korea Institute of Information Security and Cryptology, 22, 5, (2012), 1079-1090. DOI: 10.13089/JKIISC.2012.22.5.1079.