Security Assessment Based on Attack Graphs and Open Standards for Computer Networks with Mobile Components

• Published in: Research briefs on information & communication technology evolution Vol. 2; pp. 45 - 55
• Main Authors: Elena Doynikova, Igor Kotenko
• Format: Journal Article
• Language: English
• Published: 31.03.2016
• ISSN: 2383-9201; 2383-9201
• DOI: 10.56801/rebicte.v2i.33

The paper suggests an automatized approach to risk assessment for wireless networks. The approachis based on attack graphs and open standards for security data representation, open databases of attackpatterns and vulnerabilities. The suggested approach extends a technique to risk assessment ofcomputer networks suggested by the authors earlier to consider mobile networks. The paper analyzesthe features of attacks against mobile devices and wireless connection channels. On the base of thisanalysis an approach to attack feature consideration in the process of attack graph generation is developed.A technique of calculation of risk assessment metrics is suggested. Generation of an attackgraph and calculation of risks is demonstrated on a sample network with mobile components.