期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于广义随机着色Petri网的网络攻击组合模型 被引量:11

Attack Composition Model Based on Generalized Stochastic Colored Petri Nets
下载PDF
导出
摘要 攻击行为建模对网络安全分析与评估具有重要的作用。该文定义了一种基于广义随机着色Petri网的网络攻击组合模型,该模型能清晰表达攻击组合中各组合部分之间的关联关系,给出了攻击行为、攻击组合运算的定义和攻击组合的建立算法,并对组合模型的结构复杂度进行了度量。在此基础上,从系统性能分析的角度对时间代价进行评估。针对网络实例的分析进一步验证了所提出的组合模型及相关计算方法的有效性。 Attack modeling plays an important role in network security analysis and assessment. A Generalized Stochastic Colored Petri Net (GSCPN) model for attack composition is proposed. To each attack, a GSCPN model is constructed to describe the relation of components graphically. Operators to construct attack composition from known ones as blocks are defined formally. The algorithm to construct a composite attack is delivered, and the structural complexity of combination model is measured also. On this basis, the time cost of vulnerabilities is assessed. The network example validates further the effectiveness of the proposed composition model and calculation method.
作者 高翔 祝跃飞 刘胜利
机构地区 解放军信息工程大学数学工程与先进计算国家重点实验室
出处 《电子与信息学报》 EI CSCD 北大核心 2013年第11期2608-2614,共7页 Journal of Electronics & Information Technology
基金 国家自然科学基金(60902102 61272489) 郑州市科技创新团队项目(10CXTD150)资助课题
关键词 PETRI网 攻击组合 建模 时间代价 Petri net Attack composition Modeling Time cost
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献16

  • 1Porras P A and Kemmerer R A. Penetration state transition analysis: a rule-based intrusion detection approach[C]. Proceedings of the Eighth Annual Computer Security Applications Conference, San Antonio, USA, 1992: 220-229.
  • 2Wang Shu-zhen, Zhang Zong-hua, and Kadobayashi Youki. Exploring attack graph for cost-benefit security hardening: a probabilistic approach[J]. Computers & Security, 2013, 32(2): 158 169.
  • 3冯萍慧,连一峰,戴英侠,李闻,张颖君.面向网络系统的脆弱性利用成本估算模型[J].计算机学报,2006,29(8):1375-1382. 被引量:28
  • 4陈锋,刘德辉,张怡,苏金树.基于威胁传播模型的层次化网络安全评估方法[J].计算机研究与发展,2011,48(6):945-954. 被引量:32
  • 5Liang Xian-nuan and Xiao Yang. Game theory for network security[J]. IEEE Communications SUT1Jeys & Tutorials, 2013, 15(1): 472-486.
  • 6吴迪,冯登国,连一峰,陈恺.一种给定脆弱性环境下的安全措施效用评估模型[J].软件学报,2012,23(7):1880-1898. 被引量:18
  • 7Wang Yuan-zhuo, Yu Min, Li Jing-yuan , et al . Stochastic game net and applications in security analysis for enterprise nctwork],l]. International Journal of Information Security, 2012,11(1): 4152.
  • 8王永杰,鲜明,刘进,王国玉.基于攻击图模型的网络安全评估研究[J].通信学报,2007,28(3):29-34. 被引量:54
  • 9Jiang Wei, Zhang Hong-Ii, Tian Zhi-hong, et al. A game theoretic method for decision and analysis of the optimal active defense strategy] C]. Proceedings of International Conference on Computational Intelligence and Security, Harbin, China, 2007: 819-823.
  • 10Chiola G, Marsan M A, Balbo G, et al. Generalized stochastic Petri nets: a definition at the net level and its implications],I]. IEEE Transactions on Software Engineering, 1993,19(2): 89-107.

二级参考文献55

  • 1张永铮,云晓春,胡铭曾.基于特权提升的多维量化属性弱点分类法的研究[J].通信学报,2004,25(7):107-114. 被引量:35
  • 2林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术[J].计算机学报,2005,28(12):1943-1956. 被引量:92
  • 3陈秀真,郑庆华,管晓宏,林晨光.层次化网络安全威胁态势量化评估方法[J].软件学报,2006,17(4):885-897. 被引量:341
  • 4Software Engineering Institute Carnegie Mellon. CERT Statistics [EB/OL]. [2009-01-02]. http://www. cert. org/ stats.
  • 5Arhaugh A, Fithen L, John McHugh. Windows of vulnerability: A case study analysis [J]. IEEE Computer, 2000. 33:52-29.
  • 6Skaggs B, Blackhurn B, Manes G, et al. Network vulnerability analysis [C]//Proc of the 45th IEEE Midwest Syrup on Circuits and Systems. Piscataway, NJ: IEEE, 2002:493-495.
  • 7Wales E. Vulnerability assessment tools [J]. Network Security, 2003 (7): 15-17.
  • 8Abedin M, Nessa S, AI Shacr E, et al. Vulnerability analysis for evaluating quality of protection of security policies [C]//Proc of the 2nd ACM CCS Workshop on Quality of Protection. New York: ACM, 2006:49-52.
  • 9Ahmed M, Al-Shaer E, Khan L. A novel quantitative approach for measuring network security [C] //Proc of the 27th Conf on Computer Communications. Piscataway, NJ: IEEE, 2008:1957-1965.
  • 10Ambrosio B, Takikawa M, Upper D, et al. Security situation assessment and response evaluation[C] //Proc of DARPA Information Survivability Conf & Exposition II. Piscataway, NJ: IEEE, 2001:387-394.

共引文献150

同被引文献143

引证文献11

二级引证文献51

电子与信息学报
2013年 第11期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部