Publication Type : Conference Paper
Publisher : ACM International Conference Proceeding Series
Source : ACM International Conference Proceeding Series, Kerala, p.9-21 (2012)
Url : http://www.scopus.com/inward/record.url?eid=2-s2.0-84879818135&partnerID=40&md5=102bf782859dcb6490c806d60cabf942
ISBN : 9781450318228
Keywords : Commercial-off-the-shelf, Engines, Internet, Metric, Metric system, Network security, Pre and post conditions, Predicion, Reconciliation, Reconciliation process, Research laboratories, risk assessment, Scanning, Vulnerability, Vulnerability scanner
Campus : Coimbatore
School : School of Engineering
Center : TIFAC CORE in Cyber Security
Department : Computer Science, Mathematics, cyber Security
Year : 2012
Abstract : Vulnerability reconciliation is the process that analyses the output produced by one or more vulnerability scanners and provides a more succinct and high-level view of vulnerabilities and its overall impact factor in the network. Here attack graphs method is used for predicting the various ways of penetrating a network to reach its critical assets. In particular, automated analysis of network configuration and attacker exploits provides an attack graph showing all possible paths to critical assets. The aim is to implement Reconciliation engine for identifying the various critical vulnerabilities and a metric system for identifying the overall impact of the vulnerabilities in that network. The reconciliation process is done by analysing the results obtained from different vulnerability scanners and combining them. As part of this, vulnerability tools from commercial off-the-shelf (COTS), Government off-the-shelf (GOTS), and research laboratory were selected. The automatic extraction of vulnerability information for attack graph prediction is analysed. Vulnerability information describes what is required for a vulnerability to be exploited and what are the after effects of that exploitation. A data structure is analysed which is able to represent pre and post conditions of each vulnerabilities. The combined risk assessment provides a readily comprehensible picture of the risk posture, assisting the analyst in the definition of an acceptable risk posture for an operational system or preliminary system design. We would be finding a metric value for denoting the overall vulnerability of the network after analysing critical vulnerabilities. Copyright 2012 ACM.
Cite this Research Publication : H. Va Nath, Gangadharan, Kb, and Dr. M. Sethumadhavan, “Reconciliation engine and metric for network vulnerability assessment”, in ACM International Conference Proceeding Series, Kerala, 2012, pp. 9-21.