Title of invention: K-zero day safety
Abstract: Systems and methods for determining a safety level of a network vulnerable to attack from at least one origin to at least one target are described. Machines, components, and vulnerabilities in a network may be associated to one another. Degrees of similarity among the vulnerabilities may be determined and subsets of vulnerabilities may be grouped based on their determined degrees of similarity to one another. This data may be used to generate an attack graph describing exploitation of vulnerabilities and grouped vulnerabilities and defining vulnerability exploit condition relationships between at least one origin and at least one target. The attack graph may be analyzed using a k-zero day metric function to determine a safety level.
Publication number: US9325729(B2)
Publication date: 2016.04.26
Application number: US201414324966
Filing date: 2014.07.07
Applicant: George Mason Research Foundation, Inc.; The United States of America, as represented by the Secretary of Commerce, The National Institute of Standards and Technology
Inventors: Jajodia Sushil; Wang Lingyu; Noel Steven; Singhal Anoop
Classification numbers: H04L29/06; G06F21/57
Main classification number: H04L29/06
Agency: Eckert Seamans Cherin & Mellott, LLC
Agent: Eckert Seamans Cherin & Mellott, LLC; Levy Philip E.
Principal claim: 1. A method for securing a network vulnerable to attack from at least one origin to at least one target, the network including at least one machine having a plurality of components, the method comprising: (i) causing a present security of the network to be determined, wherein the present security of the network is indicated by a safety level of the network, wherein the safety level is determined by: associating, with a computer, the at least one machine with the plurality of components, the plurality of components comprising an origin component and a target component; associating, with the computer, each of the plurality of components with at least one of a plurality of vulnerabilities; generating, with the computer, an attack graph describing exploitation of each of the plurality of vulnerabilities, the attack graph defining exploit condition relationships between the origin component and the target component; analyzing, with the computer, the attack graph using a k-zero day metric function based on a number of distinct zero day exploits required to compromise the target component in an attack starting from the origin component; and determining, with the computer, the safety level based on the analysis of the attack graph using the k-zero day metric function; and (ii) causing hardening to be performed on the network based on the determined safety level.
Address: Fairfax VA US