期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种防范多阶段网络攻击的综合分析方法

An Integrated Analysis Approach for Defending Multi-Stage Attacks
下载PDF
导出
摘要 提出了一种防范多阶段网络攻击的综合分析方法,首先捕获系统漏洞、攻击者的能力、以及这些信息之间的关系,将其模型化;然后利用改进的模型检测器NuSMV自动产生只包含能对系统造成危害的漏洞的攻击链;最后以攻击链为基础建立简化的攻击树,通过将攻击树量化进行风险评估、可靠性评估、最短路径分析等等。仿真实验表明该方法不仅能够有效的防范多阶段攻击,而且能够对网络进行脆弱性评估。 This paper presents an integrated analysis approach for defending multi_stage network attaks. First, it models the network by capturing system vulnerabilities, attacker capabilities, and the trust relationships; then on the basis of the improved model checker NuSMV, it produces attack chain automatically and efficiently, only containing vulnerabilities which endanger the security of system; Finally, it constructs simplified attack tree based on the attack chain and performs further analysis, such as risk analysis, reliability analysis, or shortest path analysis, by qualifying the attack tree. The simulation results indicate that this method not only can defend multi_stage efficiently, but also can be used to assess the overall vulnerability of the network .
作者 孙知信 王成
机构地区 南京邮电大学计算机学院
出处 《南京邮电大学学报(自然科学版)》 2006年第5期1-5,共5页 Journal of Nanjing University of Posts and Telecommunications:Natural Science Edition
基金 教育部回国人员 南京市回国人员择优资助项目
关键词 多阶段网络攻击 NUSMV 攻击链 攻击树 脆弱性评估 Multi_Stage network attack NuSMV Attack chain Attack tree Vulnerability assess
分类号 TP393.08 [自动化与计算机技术—计算机应用技术] TP311.11 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献13

  • 1SANDEEP K. Classification and detection of compute intrusion[ D ]. West Lafavette: Computer Department Purdue University, 1995.
  • 2SCHNEIER B. Attack Trees: Modeling Security Threats [ EB/OL].http ://www. schneier, com/paper-attacktrees-ddj-ft, html
  • 3李昀,李伟华.基于UML的攻击模式研究[J].计算机工程与应用,2003,39(3):8-10. 被引量:4
  • 4HELMER G. Software fault tree and colored Petri net based specification design and implementation of agent-based intrusion detection systems [ EB/OL ]. http ://citeseer. ist. psu. edu/685031, html.
  • 5PHILLIPS C,SWILER L. A graph-based system for network vulnerability analysis [ C ]// ACM New Security Paradigms Workshop.1998:71 - 79.
  • 6SWILER L P, PHILLIPS C, ELLIS D, et al. Computer-attack graph generation tool [ C ] // Proceedings of the DARPA Information Survivability Conference and Exposition. June 12 -14, 2000.
  • 7NuSMV: a new symbolic model checker[ EB/OL]. http://nusmv.irst. itc. it./NuSMV/papers/sttt_j/html
  • 8SHEYNER O,HAINES J,JHA S, et al. Automated generation and analysis of attack graphs[ C ] // Proceedings of 2002 IEEE Symposium on Security and Privacy. 2002:273 -284.
  • 9CONSORTIUM W. Extensible Markup Language (XML) 1.0 [ EB/OL] http://www, w3. org/TR/REC-xml,Februry 1998
  • 10SOMESH J ,SHEYNER W J, O. Minimization and reliability analyses of attack graphs[ EB/OL]. http://www, cs. cmu. edu

二级参考文献4

  • 1[1]Rumbaugh J,Jacobson I,Booch G.The Unified Modeling Language User Guide[M].Addison Wesley Longman,Inc, 1999:3~4
  • 2[2]Rumbaugh J,Jacobson I,Booeh G.The Unified Modeling LanguageReference Manual[M].Addison Wesley Longman,Inc,1999:178~180
  • 3[3]Comer D E,Stevens D L.Internetworking with TCP/IP Volume I:Principles,Protocols,and Architecture[M].Third Edition,Prentice-Hall International, Inc, 1995:150~167
  • 4[4]Comer D E,Stevens D L.Internetworking with TCP/IP Volume Ⅱ:

共引文献3

南京邮电大学学报(自然科学版)
2006年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部