Netinfo Security ›› 2022, Vol. 22 ›› Issue (3): 29-38.doi: 10.3969/j.issn.1671-1122.2022.03.004


System Attack Surface Modeling Method in Network

GU Zhaojun 1,2, YANG Rui 1,2, SUI He 1,3

  1. Information Security Evaluation Center, Civil Aviation University of China, Tianjin 300300, China
    2. College of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300, China
    3. College of Aeronautical Engineering, Civil Aviation University of China, Tianjin 300300, China
  • Received: 2021-09-08  Online: 2022-03-10  Published: 2022-03-28
  • Contact: SUI He, E-mail: suihe0514@163.com

Abstract:

The air traffic control (ATC) information system is isolated from the Internet, so publicly released vulnerability information alone cannot adequately reflect its network security. To address this, the paper proposes a network-level risk measurement model for the air traffic management (ATM) information system. The attack surface of each resource component is modeled along three dimensions: ports, protocols and data. A Bayesian network represents the relationships among resources and forms a resource graph. On the basis of that graph, each component's attack surface and vulnerability severity are fused into a network attack surface triple, which expresses the threat level in the three dimensions and from which the overall risk of the network architecture is calculated. Simulation experiments were carried out on an ATM automation system. They quantified the system's threat situation across different attack paths and dimensions, and the structural risk of the network was analyzed from different angles and levels. The results demonstrate the rationality and practical effectiveness of the proposed attack surface risk assessment method. The model gives guidance for the network security measures of the ATM information system, so that a security administrator can maximize system security under finite resources.
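The abstract describes the pipeline only at a high level (per-resource triple of ports, protocols and data; a Bayesian network over the resources; fusion with vulnerability severity; aggregation into a network triple, an overall risk score and per-path threat values). The following is an added, self-contained illustration of that pipeline and is not the authors' code: the concrete formulas (a noisy-OR Bayesian network on a resource DAG, fusion as triple times severity/10, marginals by exact enumeration, equal weights for the overall score, and a path threat that weights each node's triple by the probability of reaching it along that path) are this example's assumptions, as are the resource names, the edge probabilities and the numbers in the constructed sample network.

```python
"""Illustrative network attack-surface risk model (added example, not the paper's
code). Its formulas are assumptions that make the abstract's steps concrete: a
noisy-OR Bayesian network over a resource DAG, a per-resource (ports, protocols,
data) triple fused with severity/10, and risk aggregated over that triple."""
from dataclasses import dataclass, field
from itertools import product
from typing import Dict, List, Tuple

Triple = Tuple[float, float, float]


@dataclass
class Resource:
    name: str
    ports: int            # exposed listening ports
    protocols: int        # distinct protocols accepted on them
    data: int             # data items/channels that accept external input
    severity: float       # CVSS-like severity of the worst known weakness, 0..10
    p_entry: float = 0.0  # prior probability of direct compromise (entry points only)
    parents: Dict[str, float] = field(default_factory=dict)  # parent -> P(it compromises this)

    def fused_triple(self) -> Triple:
        s = self.severity / 10.0
        return (self.ports * s, self.protocols * s, self.data * s)


class ResourceGraph:
    def __init__(self, resources: List[Resource]):
        self.nodes = {r.name: r for r in resources}
        self.order = self._topological_order()  # also rejects cycles

    def _topological_order(self) -> List[str]:
        indeg = {n: len(r.parents) for n, r in self.nodes.items()}
        ready, order = [n for n, d in indeg.items() if d == 0], []
        while ready:
            n = ready.pop()
            order.append(n)
            for m, r in self.nodes.items():
                if n in r.parents:
                    indeg[m] -= 1
                    if indeg[m] == 0:
                        ready.append(m)
        if len(order) != len(self.nodes):
            raise ValueError("resource graph has a cycle; a Bayesian network must be acyclic")
        return order

    def _p_compromised(self, name: str, state: Dict[str, bool]) -> float:
        # noisy-OR: each compromised parent independently fails to propagate with 1 - w
        r = self.nodes[name]
        p_safe = 1.0 - r.p_entry
        for parent, w in r.parents.items():
            if state[parent]:
                p_safe *= 1.0 - w
        return 1.0 - p_safe

    def marginals(self) -> Dict[str, float]:
        # exact P(compromised) per resource by enumerating all 2^n joint states
        marg = {n: 0.0 for n in self.nodes}
        for bits in product((False, True), repeat=len(self.order)):
            state = dict(zip(self.order, bits))
            joint = 1.0
            for n in self.order:
                p = self._p_compromised(n, state)
                joint *= p if state[n] else 1.0 - p
            for n in self.order:
                if state[n]:
                    marg[n] += joint
        return marg

    def network_triple(self) -> Triple:
        marg, acc = self.marginals(), [0.0, 0.0, 0.0]
        for n, r in self.nodes.items():
            for i, v in enumerate(r.fused_triple()):
                acc[i] += marg[n] * v
        return tuple(acc)

    def overall_risk(self, weights: Triple = (1 / 3, 1 / 3, 1 / 3)) -> float:
        return sum(w * v for w, v in zip(weights, self.network_triple()))

    def path_threat(self, path: List[str]) -> Triple:
        # each node's fused triple weighted by P(reaching it along exactly this path)
        reach, acc = self.nodes[path[0]].p_entry, [0.0, 0.0, 0.0]
        if reach == 0.0:
            raise ValueError(f"{path[0]!r} is not an entry point")
        for i, n in enumerate(path):
            if i > 0:
                if path[i - 1] not in self.nodes[n].parents:
                    raise ValueError(f"no edge {path[i - 1]!r} -> {n!r}")
                reach *= self.nodes[n].parents[path[i - 1]]
            for k, v in enumerate(self.nodes[n].fused_triple()):
                acc[k] += reach * v
        return tuple(acc)


# Constructed sample (values invented for illustration): external gateway, AFTN-style
# message server, ATC automation server and a controller workstation.
SAMPLE = ResourceGraph([
    Resource("gateway", ports=3, protocols=2, data=4, severity=7.5, p_entry=0.3),
    Resource("msg_server", ports=2, protocols=2, data=6, severity=6.0, parents={"gateway": 0.5}),
    Resource("auto_server", ports=4, protocols=3, data=8, severity=9.0,
             parents={"gateway": 0.2, "msg_server": 0.6}),
    Resource("workstation", ports=1, protocols=1, data=2, severity=5.0, parents={"auto_server": 0.7}),
])

if __name__ == "__main__":
    print("network triple:", SAMPLE.network_triple(), "risk:", round(SAMPLE.overall_risk(), 4))
    for path in (["gateway", "msg_server", "auto_server", "workstation"],
                 ["gateway", "auto_server", "workstation"]):
        print(" -> ".join(path), tuple(round(v, 4) for v in SAMPLE.path_threat(path)))
```

On the sample network the data dimension dominates the network triple, and the path through the message server scores higher in every dimension than the direct gateway-to-automation-server path, which is the kind of per-path, per-dimension comparison the abstract's experiments report. Exact enumeration is fine for a handful of resources; for a real ATM architecture with dozens of components a junction-tree or sampling inference would replace `marginals()` without changing the rest of the model.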

Key words: risk measurement model, Bayesian network, attack surface metric, air traffic information system
