摘要
为了增强网络的安全性,对网络整体进行威胁分析和评估应用,结合攻击图的特点,研究并提出了一种攻击图的网络威胁自动化建模方法。在攻击图生成之前,抽象出网络威胁数学模型,包括主机信息、拓扑信息、漏洞信息和攻击者信息四个组成部分。并针对所建的网络威胁模型提出自动建模方法和具体的自动化流程。基于此,结合攻击事件的Büchi模型和CTL描述,使用符号模型检验算法自动生成攻击图,为攻击图的应用奠定基础。
In order to strengthen the security of network and carry out analysis and assessment of network threats,and based on the characteristics of attack graph,an automatic network threats modeling method for attack graph is proposed.Before generating attack graph,the network threats model is abstracted,including the information of four components such as host,topology,vulnerability and attacker.Then in accordance with the network threats model,the automatic modeling method and its automatic flow are given.Based on these and model checking algorithm,and in combination of Büchi model and CTL description,the attack graph is generated.The research could lay a foundation for the application of attack graph.
出处
《通信技术》
2012年第9期86-89,92,共5页
Communications Technology
基金
国家自然科学基金项目(批准号:61171173)
关键词
网络威胁
攻击图
自动建模
模型检验
漏洞
network threats; attack graph; automatic modeling; model checking; vulnerability