ETRI-Knowledge Sharing Platform


Details

Journal article: A Semantic Approach to Improving Machine Readability of a Large-scale Attack Graph
Cited 14 times in Scopus. Downloaded 14 times.
Authors
이주영, 문대성, 김익균, 이영석
Publication date
201906
Source
Journal of Supercomputing, v.75 no.6, pp.3028-3045
ISSN
0920-8542
Publisher
Springer
DOI
https://dx.doi.org/10.1007/s11227-018-2394-6
Contract project
19HH4800, Development of Cyber Self-Mutation Technology for Proactive Security, 문대성
Abstract
Automation in cyber security can be achieved by using attack graphs. Attack graphs allow us to model possible paths that a potential attacker can use to intrude into a target network. In particular, graph representation is often used to increase visibility of information, but it is not effective when a large-scale attack graph is produced. However, it is inevitable that such a voluminous attack graph is generated by modeling a variety of data from an increasing number of network hosts. Therefore, we need more intelligent ways of inferring the knowledge required to harden network security from the attack graph, beyond getting information such as possible attack paths. Ontology technology enables a machine to understand information and makes it easier to infer knowledge based on relational facts from big data. Constructing ontology in the domain of attack graph generation is a prerequisite for increasing machine intelligence and implementing an automated process. In this paper, we propose a semantic approach to make a large-scale attack graph machine readable. The approach provides several benefits. First, users can obtain relational facts based on reasoning from a large-scale attack graph, and the semantics of an attack graph can provide intuition to users. In addition, intelligence-based security assessment can be possible using the obtained ontological structures. By improving the machine readability of an attack graph, our approach could lead to automated assessment of network security.
KSP suggested keywords
Automated Assessment, Big Data, Cyber security, Graph machine, Knowledge-based, Ontology technology, Security Assessment, attack graph generation, attack paths, graph representation, large-scale