Quarterly journal published in SPbPU
and edited by prof. Dmitry Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
PRESENTATION OF GRAPH-BASED MODEL FOR USE IN AUTOMATED SECURITY ANALYSIS SYSTEMS
D. A. Moskvin, E. M. Orel, A. A. Lyashenko Peter the Great St. Petersburg Polytechnic University
Annotation: This paper presents a mathematical graph-based model for use in automated security analysis systems. The model allows to link information about the system obtained by a specialist in the process of security analysis with a set of attack scenarios in which it may be involved. Executing each scenario results in new portion of data, that describes some system component and contributes to the expansion of the attack graph.
Keywords: attack graph, graph-based model, security analysis, attack scenarios, heterogenic systems, security assessment, penetration testing
Pages 28–35