摘要
攻击图技术是一种基于模型的网络脆弱性评估方法。它通过对目标网络建模,以攻击规则对攻击者建模,然后根据二者之间的相互作用关系产生攻击图,展示目标网络内各个脆弱性之间的关系、脆弱性与网络安全配置之间的关系。早期的攻击图都是采用手工生成,速度慢效果差。为了方便研究人员使用攻击图分析目标网络安全状况,对攻击图的自动展示技术进行了研究。通过选用成熟的软件和设计合适的转换方法对攻击图进行解析,生成简洁清楚的攻击图,提高了攻击图的效能。
Attack graph technology is a method of the model-based evaluation for network vulnerabilities. Through modeling the target network and modeling the attacker with attack rules, it gives attack graphs according to their relationship to reveal the relation of all the vulnerabilities in object network, and the relation between vulnerability and network security configuration. Early attack graph was produced by hand, which had a slow speed and dissatisfaction effect. In order to give facility for researchers to analyze the security condition of target network, a research is given to the visual technology of attack graph. Through the mature software and appropriate conversion technique to parse the attack graphs, the concision and clear attack graphs are generated and the efficiency of the attack graphs is improved.
出处
《现代电子技术》
2010年第19期94-96,100,共4页
Modern Electronics Technique
基金
国家863计划项目(2009AA01Z432)
关键词
攻击图
展示技术
网络脆弱性评估
网络建模
attack graph
visual technology
evaluation for network vulnerability
network modeling
