• Jul 04, 2018 News!JACN Vol.6, No.1 has been published with online version.   [Click]
  • Jun 05, 2018 News!ICINT 2018 (The annual meeting of JACN) has been successfully held in Osaka, Japan during May 24-26.   [Click]
  • May 22, 2018 News!JACN has been included in EBSCO database.
General Information
    • ISSN: 1793-8244
    • Frequency: Semiyearly
    • DOI: 10.18178/JACN
    • Editor-in-Chief: Dr. Ka Wai Gary Wong
    • Executive Editor: Ms. Nina Lee
    • Abstracting/ Indexing: EI (INSPEC, IET),  Electronic Journals Library, Ulrich's Periodicals Directory, EBSCO, ProQuest, and Google Scholar.
    • E-mail: jacn@ejournal.net
Editor-in-chief
Dr. Ka Wai Gary Wong
Division of Information and Technology Studies, Faculty of Education, The University of Hong Kong.
It's a honor to serve as the editor-in-chief of JACN. I'll work together with the editors and reviewers to help the journal progress
JACN 2018 Vol.6(1): 18-23 ISSN: 1793-8244
DOI: 10.18178/JACN.2018.6.1.248

Attack Strategy Prediction with Precisely Estimated Probability and Evidence Mapping

Chih-Hung Wang and Ren-Wei Liou
Abstract—With the advance on computer science technology, the attackers’ ability has continuously improved as well, and their artifices are getting more and more sophisticated. To secure the system, an intrusion detection system is usually deployed to notice the administrator when abnormal events happen. However, due to the poor quality of IDS alerts, massive quantity of alerts will hold analysts back when defending. Furthermore, it is not enough to avoid the attacking threats only knowing current crisis. With the assist of prediction, defenders can one step ahead of the attackers to increase the successful defense rate. In this paper, we propose a network attack prediction framework based on the improved attack graph. Two probability propagation functions are designed to update the probabilities for the next connected nodes. Through the pre-drawn probability attack graph, the administrator can realize all possible weak spots and attack paths in the system. Moreover, this paper provides a mapping function to map the exact alert as an evidence to the node of the attack graph to recalculate the probabilities in the attack graph and predict the most likely attacking path in the current situation.

Index Terms—Attack graph, intrusion detection system, evidence mapping, network vulnerability analysis.

Chih-Hung Wang and Ren-Wei Liou are with Department of Computer Science and Information Engineering, National Chiayi University, Chiayi, Taiwan (e-mail: wangch@mail.ncyu.edu.tw, s1040489@mail.ncyu.edu.tw).

[PDF]

Cite:Chih-Hung Wang and Ren-Wei Liou, "Attack Strategy Prediction with Precisely Estimated Probability and Evidence Mapping," Journal of Advances in Computer Networks vol. 6, no. 1, pp. 18-23, 2018.

Copyright © 2008-2018. Journal of Advances in Computer Networks.  All rights reserved.
E-mail: jacn@ejournal.net