Security Assessment Based on Attack Graphs and Open Standards for Computer Networks with Mobile Components
Main Article Content
Keywords
Mobile Networks, Mobile Security, Risk Analysis, Risk Assessment, Attack Graphs, Security Metrics
Abstract
The paper suggests an automatized approach to risk assessment for wireless networks. The approach
is based on attack graphs and open standards for security data representation, open databases of attack
patterns and vulnerabilities. The suggested approach extends a technique to risk assessment of
computer networks suggested by the authors earlier to consider mobile networks. The paper analyzes
the features of attacks against mobile devices and wireless connection channels. On the base of this
analysis an approach to attack feature consideration in the process of attack graph generation is developed.
A technique of calculation of risk assessment metrics is suggested. Generation of an attack
graph and calculation of risks is demonstrated on a sample network with mobile components.