M. Abadi, S. Jalili,
Volume 2, Issue 3 (7-2006)
Abstract
Intruders often combine exploits against multiple vulnerabilities in order to
break into the system. Each attack scenario is a sequence of exploits launched by an
intruder that leads to an undesirable state such as access to a database, service disruption,
etc. The collection of possible attack scenarios in a computer network can be represented by
a directed graph, called network attack graph (NAG). The aim of minimization analysis of
network attack graphs is to find a minimum critical set of exploits that completely
disconnect the initial nodes and the goal nodes of the graph. In this paper, we present an ant
colony optimization algorithm, called AntNAG, for minimization analysis of large-scale
network attack graphs. Each ant constructs a critical set of exploits. A local search heuristic
has been used to improve the overall performance of the algorithm. The aim is to find a
minimum critical set of exploits that must be prevented to guarantee no attack scenario is
possible. We compare the performance of the AntNAG with a greedy algorithm for
minimization analysis of several large-scale network attack graphs. The results of the
experiments show that the AntNAG can be successfully used for minimization analysis of
large-scale network attack graphs.
F. Farabi, M. R. Mosavi, S. Karami,
Volume 11, Issue 2 (6-2015)
Abstract
Impressive development of computer networks has been required precise evaluation of efficiency of these networks for users and especially internet service providers. Considering the extent of these networks, there has been numerous factors affecting their performance and thoroughly investigation of these networks needs evaluation of the effective parameters by using suitable tools. There are several tools to measure network's performance which evaluate and analyze the parameters affecting the performance of the network. D-ITG traffic generator and measuring tool is one of the efficient tools in this field with significant advantages over other tools. One of D-ITG drawbacks is the need to determine input parameters by user in which the procedure of determining the input variables would have an important role on the results. So, introducing an automatic method to determine the input parameters considering the characteristics of the network to be tested would be a great improvement in the application of this tool. In this paper, an efficient method has been proposed to determine optimal input variables applying evolutionary algorithms. Then, automatic D-ITG tool operation would be studied. The results indicate that these algorithms effectively determine the optimal input variables which significantly improve the D-ITG application.
