基于Optimized-AG的节点攻击路径预测方法
|
摘要
针对传统攻击图中因对节点分析考虑不全面而导致的攻击路径预测不准确问题,提出一种基于攻击图攻击行为分析的攻击路径预测方法.先通过节点攻击距离权重对传统的攻击图进行优化,决策出可能的攻击路径,并计算其路径的节点攻击行为成本,然后基于估计函数判断出优先考虑的攻击路径.实验结果表明,该方法有效消除了攻击图路径冗余,能筛选出可靠的攻击路径,提高了攻击图攻击路径预测的准确性.
Aiming at the problem of inaccuracy of attack path prediction caused by incomplete node analysis in traditional attack graph,we proposed a prediction method of attack path based on attack graph attack behavior analysis.First,the traditional attack graph was optimized by the node attack distance weight,the possible attack path was decided,and the node attack behavior cost of the path was calculated.Then,the priority attack path was determined based on the estimation function.The experimental results show that the method can effectively eliminate the path redundancy of the attack graph and filter out reliable attack path,which improves the accuracy of the attack graph attack path prediction.
Aiming at the problem of inaccuracy of attack path prediction caused by incomplete node analysis in traditional attack graph,we proposed a prediction method of attack path based on attack graph attack behavior analysis.First,the traditional attack graph was optimized by the node attack distance weight,the possible attack path was decided,and the node attack behavior cost of the path was calculated.Then,the priority attack path was determined based on the estimation function.The experimental results show that the method can effectively eliminate the path redundancy of the attack graph and filter out reliable attack path,which improves the accuracy of the attack graph attack path prediction.
引文
[1]高妮,高岭,贺毅岳,等.基于贝叶斯攻击图的动态完全风险评估模型[J].四川大学学报(工程科学版),2016,48(1):111-118.(GAO Ni,GAO Ling,HE Yiyue,et al.Dynamic Security Risk Assessment Model Based on Bayesian Attack Graph[J].Journal of Sichuan University(Engineering Science Edition),2016,48(1):111-118.)
[2]黄永洪,吴一凡,杨豪璞,等.基于攻击图的APT脆弱节点评估方法[J].重庆邮电大学学报(自然科学版),2017,29(4):535-541.(HUANG Yonghong,WU Yifan,YANG Haopu,et al.Graph-Based Vulnerability Assessment for APT Attack[J].Journal of Chongqing University of Posts and Telecommunications(Natural Science Edition),2017,29(4):535-541.)
[3]BISWAS S.Extraction of Network Information-Quality and Quantity-from Nodes of Neuronal Network[C]//International Conference on Information Technology.Piscataway,NJ:IEEE,2017:118-123.
[4]周诚,李伟伟,莫璇,等.一种网络安全脆弱性评估方法[J].江苏大学学报(自然科学版),2017,38(1):68-77.(ZHOU Cheng,LI Weiwei,MO Xuan,et al.A Assessment Method of Network Security Vulnerability[J].Journal of Jiangsu University(Natural Science Edition),2017,38(1):68-77.)
[5]KAYNAR K.A Taxonomy for Attack Graph Generation and Usage in Network Security[J].Journal of Information Security&Applications,2016,29:27-56.
[6]MU珦NOZ-GONZLEZ L,SGANDURRA D,PAUDICE A,et al.Efficient Attack Graph Analysis through Approximate Inference[J].ACM Transactions on Privacy and Security,2016,20(3):1-30.
[7]POOLSAPPASIT N,DEWRI R,RAY I.Dynamic Security Risk Management Using Bayesian Attack Graphs[J].IEEE Transactions on Dependable&Secure Computing,2011,9(1):61-74.
[8]LI Heng,WANG Yongjun,CAO Yuan.Searching Forward Complete Attack Graph Generation Algorithm Based on Hypergraph Partitioning[J].Procedia Computer Science,2017,107:27-38.
[9]吴泓润,覃俊,郑波尽.基于代价的复杂网络抗攻击性研究[J].计算机科学,2012,39(8):224-227.(WU Hongrun,QIN Jun,ZHENG Bojin.Anti-attack Ability Based on Costs in Complex Networks[J].Computer Science,2012,39(8):224-227.)
[10]司健,陈鹏,顾宁平,等.网络攻击图逆向深度优先生成算法[J].计算机工程与应用,2017,53(3):131-137.(SI Jian,CHEN Peng,GU Ningping,et al.Network Attack Graph Backward Depth-First Building Algorithm[J].Computer Engineering&Applications,2017,53(3):131-137.)
[11]陈小军,时金桥,徐菲,等.面向内部威胁的最优安全策略算法研究[J].计算机研究与发展,2014,51(7):1565-1577.(CHEN Xiaojun,SHI Jinqiao,XU Fei,et al.Algorithm of Optimal Security Hardening Measures against Insider Threat[J].Journal of Computer Research and Development,2014,51(7):1565-1577.)
[12]崔舒婷,赵成萍,周新志,等.基于马尔科夫生存模型与粒子群算法的动态航路规划[J].四川大学学报(自然科学版),2018,55(3):501-506.(CUI Shuting,ZHAO Chengping,ZHOU Xinzhi,et al.Online Route Planning Based on Markov Survival Model and PSO Algorithm[J].Journal of Sichuan University(Natural Science Edition),2018,55(3):501-506.)
[13]王辉,刘淑芬.一种可扩展的内部威胁预测模型[J].计算机学报,2006,29(8):1346-1355.(WANG Hui,LIU Shufen.A Scalable Predicting Model for Insider Threat[J].Chinese Journal of Computers,2006,29(8):1346-1355.)
[2]黄永洪,吴一凡,杨豪璞,等.基于攻击图的APT脆弱节点评估方法[J].重庆邮电大学学报(自然科学版),2017,29(4):535-541.(HUANG Yonghong,WU Yifan,YANG Haopu,et al.Graph-Based Vulnerability Assessment for APT Attack[J].Journal of Chongqing University of Posts and Telecommunications(Natural Science Edition),2017,29(4):535-541.)
[3]BISWAS S.Extraction of Network Information-Quality and Quantity-from Nodes of Neuronal Network[C]//International Conference on Information Technology.Piscataway,NJ:IEEE,2017:118-123.
[4]周诚,李伟伟,莫璇,等.一种网络安全脆弱性评估方法[J].江苏大学学报(自然科学版),2017,38(1):68-77.(ZHOU Cheng,LI Weiwei,MO Xuan,et al.A Assessment Method of Network Security Vulnerability[J].Journal of Jiangsu University(Natural Science Edition),2017,38(1):68-77.)
[5]KAYNAR K.A Taxonomy for Attack Graph Generation and Usage in Network Security[J].Journal of Information Security&Applications,2016,29:27-56.
[6]MU珦NOZ-GONZLEZ L,SGANDURRA D,PAUDICE A,et al.Efficient Attack Graph Analysis through Approximate Inference[J].ACM Transactions on Privacy and Security,2016,20(3):1-30.
[7]POOLSAPPASIT N,DEWRI R,RAY I.Dynamic Security Risk Management Using Bayesian Attack Graphs[J].IEEE Transactions on Dependable&Secure Computing,2011,9(1):61-74.
[8]LI Heng,WANG Yongjun,CAO Yuan.Searching Forward Complete Attack Graph Generation Algorithm Based on Hypergraph Partitioning[J].Procedia Computer Science,2017,107:27-38.
[9]吴泓润,覃俊,郑波尽.基于代价的复杂网络抗攻击性研究[J].计算机科学,2012,39(8):224-227.(WU Hongrun,QIN Jun,ZHENG Bojin.Anti-attack Ability Based on Costs in Complex Networks[J].Computer Science,2012,39(8):224-227.)
[10]司健,陈鹏,顾宁平,等.网络攻击图逆向深度优先生成算法[J].计算机工程与应用,2017,53(3):131-137.(SI Jian,CHEN Peng,GU Ningping,et al.Network Attack Graph Backward Depth-First Building Algorithm[J].Computer Engineering&Applications,2017,53(3):131-137.)
[11]陈小军,时金桥,徐菲,等.面向内部威胁的最优安全策略算法研究[J].计算机研究与发展,2014,51(7):1565-1577.(CHEN Xiaojun,SHI Jinqiao,XU Fei,et al.Algorithm of Optimal Security Hardening Measures against Insider Threat[J].Journal of Computer Research and Development,2014,51(7):1565-1577.)
[12]崔舒婷,赵成萍,周新志,等.基于马尔科夫生存模型与粒子群算法的动态航路规划[J].四川大学学报(自然科学版),2018,55(3):501-506.(CUI Shuting,ZHAO Chengping,ZHOU Xinzhi,et al.Online Route Planning Based on Markov Survival Model and PSO Algorithm[J].Journal of Sichuan University(Natural Science Edition),2018,55(3):501-506.)
[13]王辉,刘淑芬.一种可扩展的内部威胁预测模型[J].计算机学报,2006,29(8):1346-1355.(WANG Hui,LIU Shufen.A Scalable Predicting Model for Insider Threat[J].Chinese Journal of Computers,2006,29(8):1346-1355.)