IEEE Access (Jan 2018)

A Vulnerability Assessment Method in Industrial Internet of Things Based on Attack Graph and Maximum Flow

  • Huan Wang,
  • Zhanfang Chen,
  • Jianping Zhao,
  • Xiaoqiang Di,
  • Dan Liu

DOI
https://doi.org/10.1109/ACCESS.2018.2805690
Journal volume & issue
Vol. 6
pp. 8599 – 8609

Abstract

Read online

To solve the low attack path quantification degree and complex path finding in the industrial Internet of Things, a vulnerability assessment method based on attack graph and maximum flow is proposed. The method takes into account the factors influencing the attack behavior and relationship between network nodes. The attack risk is calculated by common vulnerability scoring system, which increases the attack path quantification degree. The maximum loss flow describes the attack path, evaluates the network vulnerability by maximum loss flow and loss saturation and represents the vulnerability relevance. Avoiding the repeat calculation and obtaining the potential key vulnerability path fast, the augmented road algorithm is used to find optimal attack path within global path. The result shows that the method is feasible and can evaluate the vulnerability and risk path objectively.

Keywords