期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

网络组合攻击建模方法研究进展 被引量:5

AdvancesinNetworkMulti-attackModeling
下载PDF
导出
摘要 在实际的计算机网络中常常存在各种各样的脆弱性,攻击者常常利用这些脆弱性逐步入侵,最终达到攻击目标。对这种网络组合攻击进行建模的研究有利于网络安全的防护者对网络的安全状态进行安全评估和采取合理的安全措施。网络组合攻击建模方法经历了从小型网络建模向中大规模网络建模的发展,由手动建模向自动化建模的方向发展,由自然语言建模向形式化语言建模方向发展。本文总结了目前网络组合攻击建模框架及其关键技术,并对关键技术的发展现状做了介绍,最后展望了未来的发展趋势。 In reality there is a variety of computer networks vulnerability, attacks are often used vulnerability gradually invasion ultimately achieve the target. This combination of network modeling study is conducive to attack the protective network security and network security were to conduct security assessments and taken reasonable safety measures. Network attack modeling experienced from small-scale network modeling to the development of the massive network modeling, from manual to automated modeling in the direction of modeling, natural language modeling to develop forreal language modeling. This paper summarizes the current multi-attack modeling framework and key technologies. Finally, the prospect of future development trend were introduced.
作者 毛捍东 陈锋 张维明 朱承
机构地区 国防科技大学信息系统与管理学院
出处 《计算机科学》 CSCD 北大核心 2007年第11期50-55,61,共7页 Computer Science
基金 国家自然科学基金(项目编号:70371008)资助
关键词 网络安全 组合攻击建模 安全评估 攻击图 原子攻击 Network security, Multi-attack modeling, Security assess, Attack graph, Atom attack
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献42

  • 1Ritchey R W,Ammann P.Using Model Checking to Analyze Network Vulnerabilities.In:Proceedings:2000 IEEE Computer Society Symposium on Security and Privacy (S&P 2000),Oakland,California,IEEE Computer Society,2000.156-165
  • 2Cert/CC统计数据[Z]. http://www.cert.org/stats/cert_stats.html.
  • 3Arbaugh W A,Fithen W L,McHugh J.Windows of vulnerability:A case study analysis.IEEE Computer,2000,33:52-29
  • 4Dacier M,Deswarte Y,Kaaniche M.Quantitative assessment of operational security:Models and tools:[Technical Report].96493.LAAS,May 1996
  • 5Ortalo R,Dewarte Y,Kaaniche M.Experimenting with Quantitative Evaluation Tools for Monitoring Operation Security.IEEE Transactions on Software Engineering,1999,25:633-650
  • 6陆余良,夏阳.主机安全量化融合模型研究[J].计算机学报,2005,28(5):914-920. 被引量:28
  • 7冯萍慧,连一峰,戴英侠,李闻,张颖君.面向网络系统的脆弱性利用成本估算模型[J].计算机学报,2006,29(8):1375-1382. 被引量:28
  • 8Jha S,Sheyner O,Wing J.Two Formal Analyses of Attack Graphs.In:Proceedings:15th IEEE Computer Security Foundations Workshop (CSFW'15),Cape Breton,Nova Scotia,Canada,IEEE Computer Society,2002.49-63
  • 9Chen Wen-Huei,Liao Gen-Yih.Cost Minimization of the Attack Graph for Thwarting Network Attacks,Journal of Internet Technology,2004,3(5):187-193
  • 10Ammann P,Wijesekera D,Kaushik S.Scalable,Graph-Based Network Vulnerability Analysis.In:Proceedings of the 9th ACM Conference on Computer and Comm unications Security,New York:ACM Press,2002.217-224

二级参考文献16

  • 1林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术[J].计算机学报,2005,28(12):1943-1956. 被引量:92
  • 2Ortalo R., Deswarte Y., Kaaniche M.. Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Transactions on Software Engineering, 1999, 25(5): 633~650
  • 3Thorhuus R.. Software fault injection testing[M.S. dissertation]. Ericsson Telecom, Stockholm Sweden, 2000
  • 4Parsons S.. Some qualitative approaches to applying the dempster-shafer theory. Information and Decision Technologies, 1994, 19: 321~337
  • 5Saaty T.L.. How to make a decision: The analytic hierarchy process. European Journal of Operational Research, 1990, 48: 9~26
  • 6Dacier M.. Towards quantitative evaluation of computer security[Ph. D. dissertation]. Institut National Polytechnique de Toulouse, 1994
  • 7Dacier M. , Deswarte Y. , Kaniche M.. Quantitative assessment of operational security: Models and tools. LAAS: Technical Report 96493, 1996
  • 8Ortalo R. , Deswarte Y.. Information systems security: Specification and quantitative evaluation. In: DeVa ESPRIT Long Term Research Project No. 20072-2nd Year Report, 1997, 561-584
  • 9Ortalo R. , Deswarte Y. , Kaniche M.. Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Transactions on Software Engineering, 1999, 25(5):633-650
  • 10Phillips C. , Swiler L.. A graph-based system for network vulnerability analysis. In, Proceedings of the ACM New Security Paradigms Workshop, 1998, 71-79

共引文献54

同被引文献48

引证文献5

二级引证文献10

计算机科学
2007年 第11期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部