期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于T-G保护系统的抗病毒网络安全分析模型

A New Anti-virus Network Security Analysis Model Based on Take-Grant Protection System
下载PDF
导出
摘要 攻击者采用病毒、利用脆弱性等方式进行网络攻击,实质是其攻击权限不断扩大,进而导致系统状态变化的过程,针对这一特性,本文对原有的T-G模型和de jure重写规则进行了扩充,增加了攻击图中节点之间权限、连接关系、节点属性的描述和脆弱性重写规则,形成了DTGSA模型;通过对真实的漏洞进行建模和实验,证明此模型对攻击特征有很好的描述能力,能帮助网络管理员预测可能的攻击,进而采取相应的安全措施。 According to characteristics that attackers may use vulnerabilities and virus m attack and transfer privileges which can cause change of system states in an attack process, the T-G model and de jure rewriting rules are extended, then privileges, connections. attributes among nodes in an attack graph and vulnerability rewriting rules are introduced, therefore a dynamic take-grant network security analysis ( DTGSA ) model is proposed; Through an experiment based on modeling real vulnerabilities for a system, the results show that the model has good describing ability to characteristics of attack and shows interaction processes among attackers and entities. In addition, it can help a network administrator to predict possible attacks, and then take corresponding safety measures.
作者 李艳 刘怡麟
机构地区 西安建筑科技大学管理学院 西安航空技术高等专科学校
出处 《信息网络安全》 2009年第9期43-45,共3页 Netinfo Security
关键词 网络安全 网络安全分析模型 攻击图 T-G模型 重写规则 Network security Network security analysis model Attack graph T-G model Rewriting rules
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献2

二级参考文献90

  • 1张永铮,云晓春,胡铭曾.基于特权提升的多维量化属性弱点分类法的研究[J].通信学报,2004,25(7):107-114. 被引量:35
  • 2林闯,彭雪海.可信网络研究[J].计算机学报,2005,28(5):751-758. 被引量:253
  • 3Qu G.,Jayaprakash,Ramkishore M.,Hariri S.,Raghavendra C.S.A framework for network vulnerability analysis.In:Proceedings of the 1st IASTED International Conference on Communications,Internet,Information Technology (CⅡT2002),St.Thomas,Virgin Islands,USA,2002,289~298
  • 4Moore A.P.,Ellison R.J.,Linger R.C.Attack modeling for information security and survivability.Carnegie Mellon Univer sity:Technical Note CMV/SEI-2001-TH-001,2001
  • 5Jonsson E.,Olovsson T.A quantitative model of the security intrusion process based on attacker behavior.IEEE Transactions on Software Engineering,1997,23(4):235~245
  • 6Mahimkar A.,Shmatikov V.Game-based analysis of Denial-of-service prevention protocols.In:Proceedings of the IEEE Computer Security Foundations Workshop(CSFW05),Aix-en-Provence,France,2005,287~301
  • 7Xia Zheng-You,Zhang Shi-Yong.A kind of network security behavior model based on game theory.In:Proceedings of the 4th International Conference on Parallel and Distributed Computing,Applications and Technologies,PDCAT,Chengdu,China,2003,950~954
  • 8Avizenis A.,Laprie J.,Randell B.Fundamental concepts of dependability.In:Proceedings of the 3rd Information Survivability Workshop,Boston,MA,2000,7~12
  • 9Goseva-Postojanova K.,Wang F.,Wang R.,Gong F.,Vaidyanathan K.,Trivedi K.S.,Muthusamy B.Characterizing intrusion tolerant systems using a state transition model.In:Proceedings of DARPA DISCEX Ⅱ Conference,2001,Ⅱ(2):211~221
  • 10Schneier B.Secrets and Lies:Digital Security in a Networked World.New York:John Wiley & Sons,2000

共引文献94

信息网络安全
2009年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部