An Attack Graph Based Method for Predictive Risk Evaluation of Zero-Day Attacks

Performing risk assessment of computer networks is inevitable in the process of network hardening. To do efficient attack prevention, risk evaluation must be done in an accurate and quantitative manner. Such risk assessment requires thorough understanding of attack’s causes or vulnerabilities and their related characteristics. But one major problem is that, there are vulnerabilities that are known by attackers but there is no information about them in databases like NVD (National Vulnerability Database). Such vulnerabilities are referred to as unknown or zero day attacks. Existing standards like NVD ignore the effect of unknown attacks in risk assessment of computer networks. In this paper, by defining some attack graph based security metrics, we proposed an innovative method for risk evaluation of multi-step Zero-Day Attacks. Proposed method by predicting the intrinsic features of Zero-Day attacks makes their risk estimation possible. Considering the effect of Temporal features of vulnerabilities have made our approach a Dynamic Risk Estimator.