| Summary: | To solve the low attack path quantification degree and complex path finding in the industrial Internet of Things, a vulnerability assessment method based on attack graph and maximum flow is proposed. The method takes into account the factors influencing the attack behavior and relationship between network nodes. The attack risk is calculated by common vulnerability scoring system, which increases the attack path quantification degree. The maximum loss flow describes the attack path, evaluates the network vulnerability by maximum loss flow and loss saturation and represents the vulnerability relevance. Avoiding the repeat calculation and obtaining the potential key vulnerability path fast, the augmented road algorithm is used to find optimal attack path within global path. The result shows that the method is feasible and can evaluate the vulnerability and risk path objectively.
|
|---|
