This Springer Brief examines the tools based on attack graphs that help reveal network hardening threats. Existing tools detail all possible attack paths leading to critical network resources. Though no current tool provides a direct solution to remove the threats, they are a more efficient means of network defense than relying solely on the experience and skills of a human analyst. Key background information on attack graphs and network hardening helps readers understand the complexities of these tools and techniques. A common network hardening technique generates hardening solutions comprised of initially satisfied conditions, thereby making the solution more enforceable. Following a discussion of the complexity issues in this technique, the authors provide an improved technique that considers the dependencies between hardening options and employs a near-optimal approximation algorithm to scale linearly with the size of the inputs. Also included are automated solutions for hardening a network against sophisticated multi-step intrusions. Network Hardening: An Automated Approach to Improving Network Security is a valuable resource for researchers and professionals working in network security. It is also a useful tool for advanced-level students focused on security in computer science and electrical engineering.
Inhaltsverzeichnis
Introduction.- Related Work.- Attack Graph and Network Hardening.- Minimum-Cost Network Hardening.- Linear-Time Network Hardening.- Conclusion.