A Novel Method for Host Risk Assessment Based on Predecessor Attack

It is universally admitted that propagable attacks pose a more serious threat to network than a single attack. And the propagation of attacks mainly depends on vulnerabilities. Popular vulnerabilities assessment tools are able to detect hosts' vulnerabilities in detail and produce the related reports. However they always ignore the threats led by predecessor attacks from other hosts in the network, because they do not take the network conditions into consideration. In this paper, digraph is used to generate the attack paths by virtue of network and vulnerabilities information. And according to the attacks relationship of hosts, the risk of predecessor attack is considered for the general risk calculation of target hosts. A method is presented to assess the risk of hosts in network environment qualitatively and quantitatively.