摘要
针对当前攻击路径长度预测方法存在网络攻击成功概率低,路径长度预测准确性差的问题,提出基于吸收Markov链的网络攻击路径长度预测方法。采用转移概率度量法对网络中节点访问的期望值展开分析,利用比例系数计算网络攻击图状态转移边的概率比,以网络过渡状态下期望转移概率、非零矩阵等为基础分析网络攻击者从开始到达结束的概率,并计算网络受到攻击后,初始节点的转移概率,得到网络攻击的数学期望矩阵,利用上述矩阵计算网络节点访问次数的期望值总和,利用节点的转移次数计算网络攻击路径的期望长度,构建网络过渡状态下期望转移概率矩阵,通过对矩阵的求解,最终实现多数据源层次化网络攻击路径长度的预测。实验结果表明,提出方法在对多数据源层次化网络攻击路径长度预测时,网络目标节点的置信度较低,并且网络攻击成功概率较高,不仅验证了提出方法良好的性能,也提高了网络攻击路径长度预测的准确性。
Current method to predict the attack path length has low successful probability and low prediction accuracy of path length. Therefore, a method to predict the network attack path length based on absorbing Markov chain was proposed. The measure method of transition probability was used to analyze the expected value of node access in network and the proportionality factors were used to calculate the probability ratio of state transition edge of network attack graph. Based on the expected transition probability and non-zero matrix in the network transition state, the probability of network attacker from start to end was analyzed. And then, the transition probability of initial node after the network attack was calculated to obtain the mathematical expectation matrix of network attack. In addition, this matrix was used to calculate the sum of the expected values of network node access times. Furthermore, the expected length of network attack path was computed by the number of node transition. The expected transition probability matrix under the network transition state was constructed. By solving the matrix, the prediction for the multi-data source hierarchical network attack path length was achieved. Simulation results verify that the proposed method has lower degree of confidence of network target node in predicting the length of multi-data source hierarchical network attack path and the successful probability of network attack is high. Meanwhile, the good performance of proposed method is proved and the prediction accuracy of network attack path length is improved.
作者
张科
ZHANG Ke(School of Data Science and Information Engineering,Guizhou Minzu University,Guiyang Guizhou 550025,China)
出处
《计算机仿真》
北大核心
2019年第11期432-435,共4页
Computer Simulation
关键词
多数据源
层次化
网络攻击
路径长度预测
Multiple data sources
Hierarchical
Network attack
Path length prediction
