摘要
提出了针对多阶段攻击分析的多阶段有限状态机模型,用于分析复杂的攻击行为。通过M-FSM模型能够对攻击的步骤和路径进行综合分析,从而发现网络中存在的安全漏洞和不当的安全配置。在对多阶段攻击进行综合分析的基础上,系统管理员可以以最小的投入对系统进行加固。
An M - FSM model is proposed for the multi - stage vulnerable operations. The goal of this M - FSM is to reason how the implemented step - by - step operation, or more precisely each step activity within the whole operation, contributes an attack goal. This model can be used in discovering attack paths to critical network resources. From these attack paths the system administrator can then derive an expression for network safety in terms of the initial configuration and take measures to reinforce the network.
出处
《空军工程大学学报(自然科学版)》
CSCD
北大核心
2006年第1期31-34,共4页
Journal of Air Force Engineering University(Natural Science Edition)
基金
国家自然科学基金资助项目(60572162)
关键词
攻击模型
多阶段攻击
有限状态机
风险评估
attack model
multi -stage attack
finite state machine
risk assessment