Title of invention: K-zero day safety
Abstract: Systems and methods for determining a safety level of a network vulnerable to attack from at least one origin to at least one target are described. Machines, components, and vulnerabilities in a network may be associated to one another. Degrees of similarity among the vulnerabilities may be determined and subsets of vulnerabilities may be grouped based on their determined degrees of similarity to one another. This data may be used to generate an attack graph describing exploitation of vulnerabilities and grouped vulnerabilities and defining vulnerability exploit condition relationships between at least one origin and at least one target. The attack graph may be analyzed using a k-zero day metric function to determine a safety level.
Publication number: US8918884(B2)  Publication date: 2014.12.23
Application number: US201213348457  Application date: 2012.01.11
Applicant: The United States of America, as represented by the Secretary of Commerce;The National Institute of Standards and Technology;George Mason Intellectual Properties, Inc.  Inventors: Jajodia Sushil;Wang Lingyu;Noel Steven;Singhal Anoop
Classification: G06F21/00;G06F21/57;H04L29/06  Main classification: G06F21/00
Agency: DLA Piper LLP (US)  Agent: DLA Piper LLP (US)
Main claim: 1. A method for determining a safety level of a network vulnerable to attack from at least one origin to at least one target, the network comprising at least one machine having a plurality of components, comprising: associating, with a computer, the at least one machine with the plurality of components, the plurality of components comprising an origin component and a target component; associating, with the computer, each of the plurality of components with at least one of a plurality of vulnerabilities; determining, with the computer, a plurality of degrees of similarity among the plurality of vulnerabilities; grouping, with the computer, subsets of the plurality of vulnerabilities based on their determined degrees of similarity to one another, wherein each group of vulnerabilities is subject to a distinct zero day exploit; generating, with the computer, an attack graph describing exploitation of the plurality of vulnerabilities, the attack graph defining exploit condition relationships between the origin component and the target component; analyzing, with the computer, the attack graph using a k-zero day metric function based on a number of distinct zero day exploits required to compromise the target component in an attack starting from the origin component; and determining, with the computer, a safety level based on the analysis of the attack graph using the k-zero day metric function.
Address: Washington DC US
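The last two steps of the main claim (counting the distinct zero day exploits needed to get from the origin to the target), as an added Python example that is not code from the patent or its authors. It assumes the vulnerability groups are already assigned rather than derived from similarity degrees, that conditions once gained are never lost, and a constructed five-exploit network whose names are all hypothetical; the search is brute force and only suits small graphs.

```python
from itertools import combinations

# Constructed sample network (not from the patent). Each exploit is
# (name, zero-day group, preconditions, postconditions); exploits that share
# a group are assumed to fall to one and the same zero day exploit.
EXPLOITS = [
    ("http_host1", "http",     {"attacker"},                {"user_host1"}),
    ("ssh_host1",  "ssh",      {"attacker"},                {"user_host1"}),
    ("ssh_host2",  "ssh",      {"user_host1"},              {"user_host2"}),
    ("fw_bypass",  "firewall", {"user_host1"},              {"reach_db"}),
    ("db_root",    "db",       {"user_host2", "reach_db"},  {"root_db"}),
]

def reachable(exploits, origin, allowed_groups):
    """Forward-chain over the attack graph using only exploits in allowed_groups."""
    have = set(origin)
    changed = True
    while changed:
        changed = False
        for _name, group, pre, post in exploits:
            # An exploit fires when all its preconditions hold (AND);
            # any exploit may supply a given condition (OR).
            if group in allowed_groups and pre <= have and not post <= have:
                have |= post
                changed = True
    return have

def k_zero_day(exploits, origin, target):
    """Return (k, groups): the fewest distinct zero-day groups that reach target.

    Returns (None, None) when the target cannot be reached at all.
    """
    groups = sorted({group for _n, group, _pre, _post in exploits})
    for k in range(len(groups) + 1):          # smallest k first
        for chosen in combinations(groups, k):
            if target in reachable(exploits, origin, set(chosen)):
                return k, set(chosen)
    return None, None

def diversify(exploits, name, new_group):
    """Model replacing one service with a dissimilar implementation."""
    return [(n, new_group if n == name else g, pre, post)
            for n, g, pre, post in exploits]

if __name__ == "__main__":
    print(k_zero_day(EXPLOITS, {"attacker"}, "root_db"))
    print(k_zero_day(diversify(EXPLOITS, "ssh_host2", "ssh_alt"),
                     {"attacker"}, "root_db"))
```

Because both SSH services share one group, a single SSH zero day covers two steps and the sample network is only 3-zero day safe; moving `ssh_host2` to a dissimilar implementation raises the value to 4.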