Publication Type:

Conference Paper

Source:

ACM International Conference Proceeding Series, Kerala, p.9-21 (2012)

ISBN:

9781450318228

URL:

http://www.scopus.com/inward/record.url?eid=2-s2.0-84879818135&partnerID=40&md5=102bf782859dcb6490c806d60cabf942

Keywords:

Commercial-off-the-shelf, Engines, Internet, Metric, Metric system, Network security, Pre and post conditions, Predicion, Reconciliation, Reconciliation process, Research laboratories, risk assessment, Scanning, Vulnerability, Vulnerability scanner

Abstract:

Vulnerability reconciliation is the process that analyses the output produced by one or more vulnerability scanners and provides a more succinct and high-level view of vulnerabilities and its overall impact factor in the network. Here attack graphs method is used for predicting the various ways of penetrating a network to reach its critical assets. In particular, automated analysis of network configuration and attacker exploits provides an attack graph showing all possible paths to critical assets. The aim is to implement Reconciliation engine for identifying the various critical vulnerabilities and a metric system for identifying the overall impact of the vulnerabilities in that network. The reconciliation process is done by analysing the results obtained from different vulnerability scanners and combining them. As part of this, vulnerability tools from commercial off-the-shelf (COTS), Government off-the-shelf (GOTS), and research laboratory were selected. The automatic extraction of vulnerability information for attack graph prediction is analysed. Vulnerability information describes what is required for a vulnerability to be exploited and what are the after effects of that exploitation. A data structure is analysed which is able to represent pre and post conditions of each vulnerabilities. The combined risk assessment provides a readily comprehensible picture of the risk posture, assisting the analyst in the definition of an acceptable risk posture for an operational system or preliminary system design. We would be finding a metric value for denoting the overall vulnerability of the network after analysing critical vulnerabilities. Copyright 2012 ACM.

Notes:

cited By (since 1996)0; Conference of org.apache.xalan.xsltc.dom.DOMAdapter@79939cf6 ; Conference Date: org.apache.xalan.xsltc.dom.DOMAdapter@4a2618d5 Through org.apache.xalan.xsltc.dom.DOMAdapter@b286dfb; Conference Code:97500

Cite this Research Publication

H. Va Nath, Gangadharan, Kb, and Dr. M. Sethumadhavan, “Reconciliation engine and metric for network vulnerability assessment”, in ACM International Conference Proceeding Series, Kerala, 2012, pp. 9-21.

207
PROGRAMS
OFFERED
6
AMRITA
CAMPUSES
15
CONSTITUENT
SCHOOLS
A
GRADE BY
NAAC, MHRD
8th
RANK(INDIA):
NIRF 2018
150+
INTERNATIONAL
PARTNERS