A.Brinda, N.Balaganesh, M.S.Bhuvaneswari
Recent surveys say that users prefer secure services to affordable services. The systems that are connected to a network are highly vulnerable and the resources are under a chance of exploitation. The attackers are attracted towards such vulnerabilities which provoke them to deploy their attacks more effectively causing a denial of service. This leads to the loss of information and rise of many zombie machines. If one system is compromised and becomes a zombie, the dependent systems are more prone to similar attacks. Moreover, as the users share computing resources through the same switch and file systems, there is also a chance of insiders turning into attackers to obtain information about opponents. The attackers can launch several attacks such as buffer overflow and remote code execution to gain the root access privilege. Hence, the detection of such zombie exploitation attacks is extremely difficult. In this paper, a vulnerability detection mechanism is proposed. It is built on attack graph-based models. The major components are a network intrusion detection agent and an attack graph generator. It comprises of two phases: Identification phase and Graph generation phase. It performs attack detection and identifies the corresponding vulnerability that has been exploited by means of an attack graph.
English 
Spanish 
Russian 
German 
French 
Japanese 
Portuguese 
Hindi