Forecasting future attacks is a big challenge for network administrators because future is generally unknown. Nevertheless, some information about the future can help us make better decisions in present time. Attack graph is the most well-known tool for risk assessment and attack prediction. However, it only provides static information about probability of vulnerability exploitation, which is not reliable for predicting the future. Moreover, attack graph does not consider the uncertainty of probabilities. Therefore, the primary goal of this paper is to present an attack forecasting approach that can predict future network attacks with more precision and dynamically adapts to changes in the environment. Our proposed approach handles the uncertainty of attack probabilities and uses additional information, such as intrusion alerts, active responses, and dependency graph in the forecasting process. Experiments show that size and complexity of the proposed forecasting attack graph makes it suitable for predicting future attacks even in large-scale networks.

• 出版日期2016-5