摘要
针对目前网络攻击图构建系统的需求,设计网络连通性分析算法。通过对网络拓扑及防火墙规则进行离线分析,可以判断网络中由若干台过滤设备分隔的任意2台主机间的连通性。引入关键实体集的概念,结合经典的Apriori算法提出一种快速有效的获取关键实体集的方法。分析对比表明,关键实体集可以在连通性分析过程中为网络中各节点的重要性评估提供有力依据。
This paper designs a network connectivity analysis algorithm according to the present techniques and the need of attack graph construction system. By using connectivity analysis, network topology and firewall rule analysis can be performed offline, which determines the connectivity between two hosts, It introduces a conception of Critical Entity Collection(CEC). An effective way of CEC detection is presented on the basis of classic Apriori algorithm. Deep analysis and comparison show that CEC provides effective information for the assessment of the importance of nodes in the network in the process of connectivity analysis.
出处
《计算机工程》
CAS
CSCD
北大核心
2009年第18期116-118,共3页
Computer Engineering
基金
国家自然科学基金资助项目(60605019)
国家"863"计划基金资助项目(2007AA01Z473)
教育部博士点基金资助项目(20070248002)
关键词
网络连通性
攻击图
关键实体集
network connectivity
attack graph
Critical Entity Collection(CEC)