COMPREHENSIVE RISK ASSESSMENT IN A HETEROGENEOUS DYNAMIC NETWORK
Abstract
Systems and methods of the present disclosure provide comprehensive risk assessment in a heterogeneous dynamic network. The framework enables ‘view’ and ‘analyses’ of complete architecture simultaneously in information view, deployment view, business view and security view. Fundamentally, data pertaining to information flow between a plurality of nodes within systems in a network is identified. One or more affected nodes or paths therebetween are identified and attack risk is computed. The graph based framework supports multiple threat models for threat evaluation. It also provides mitigation plans which will reflect reduced risk in the business view and incorporates attack tree simulations to evaluate dynamic behavior of a system under attack.
20 Claims
1. A processor implemented method comprising:
receiving data pertaining to information flow between a plurality of nodes identified within systems in a network (202);
identifying one or more affected nodes from the plurality of nodes and one or more affected paths therebetween (204); and
computing attack risk at the one or more affected nodes (206).
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A system comprising:
one or more data storage devices (102) operatively coupled to one or more hardware processors (104) and configured to store instructions configured for execution by the one or more hardware processors to:
receive data pertaining to information flow between a plurality of nodes identified within systems in a network (202);
identify one or more affected nodes from the plurality of nodes and one or more affected paths therebetween (204); and
compute attack risk at the one or more affected nodes (206).
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 20

19. A computer program product comprising a non-transitory computer readable medium having a computer readable program embodied therein, wherein the computer readable program, when executed on a computing device, causes the computing device to:
receive data pertaining to information flow between a plurality of nodes identified within systems in a network (202);
identify one or more affected nodes from the plurality of nodes and one or more affected paths therebetween (204); and
compute attack risk at the one or more affected nodes
Specification