Large-Scale Intranet Security Assessment Based on Bayesian Attack Graphs Using System Audit Logs

This research proposes a new method for assessing security risks in large corporate networks by using Bayesian attack graphs (mathematical models that show how attackers might chain together vulnerabilities to breach a system) built from system audit logs (records of activities on computers). The method addresses limitations of traditional security approaches by capturing real-time changes in network configurations and identifying the most dangerous attack paths while reducing computational complexity.