ETRI-Knowledge Sharing Platform





Journal article: A Semantic Approach to Improving Machine Readability of a Large-scale Attack Graph
Cited 9 times in Scopus; downloaded 7 times
이주영, 문대성, 김익균, 이영석
Journal of Supercomputing, v.75 no.6, pp.3028-3045
19HH4800, Development of Cyber Self-Mutation Technology for Active Preemptive Security, 문대성
Automation in cyber security can be achieved by using attack graphs. Attack graphs allow us to model possible paths that a potential attacker can use to intrude into a target network. In particular, graph representation is often used to increase visibility of information, but it is not effective when a large-scale attack graph is produced. However, it is inevitable that such a voluminous attack graph is generated by modeling a variety of data from an increasing number of network hosts. Therefore, we need more intelligent ways of inferring the knowledge required to harden network security from the attack graph, beyond getting information such as possible attack paths. Ontology technology enables a machine to understand information and makes it easier to infer knowledge based on relational facts from big data. Constructing ontology in the domain of attack graph generation is a prerequisite for increasing machine intelligence and implementing an automated process. In this paper, we propose a semantic approach to make a large-scale attack graph machine readable. The approach provides several benefits. First, users can obtain relational facts based on reasoning from a large-scale attack graph, and the semantics of an attack graph can provide intuition to users. In addition, intelligence-based security assessment can be possible using the obtained ontological structures. By improving the machine readability of an attack graph, our approach could lead to automated assessment of network security.
Attack graph, Inference, Network security risk assessment, Ontology, Semantic attack graph
KSP Suggested Keywords
Automated Assessment, Big Data, Cyber security, Graph machine, Knowledge-based, Ontology technology, Security Assessment, Security risk assessment, Semantic attack, attack graph generation, attack paths