期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于贝叶斯推理的攻击路径预测研究 被引量:7

Research on predicting attack path based on Bayesian inference
下载PDF
导出
摘要 针对攻击路径预测方法中存在的因路径冗余而导致的节点置信度错误计算问题,提出了攻击可行性概念,并改进了基于贝叶斯推理的似然加权法。通过对子攻击路径进行成本—收益分析,提出了基于攻击可行性的攻击路径生成算法,尽可能消除路径冗余;并在此基础上对似然加权法进行了改进,以支持上述算法,有效地避免计算节点置信度的错误计算。实验结果表明,该方法能有效地消除路径冗余,提高节点置信度的准确性,提升对攻击路径的有效预测。 Path redundancy in methods for predicting paths causes the problem that the computation of node belief is incor- rect. In order to solve it, this paper presented the concept of attack feasibility and improved the likelihood weighting algorithm based on the Bayesian inference. By analyzing cost-benefit on child attack paths, firstly it proposed an algorithm generating at- tack paths to eliminate path redundancy as far as possible; secondly, based c_n the above, it improved the likelihood weighting algorithm to support above algorithm so that it could effectively avoid the problem of incorrect computation and improve the ac- curacy of node belief. The finally experimental results show that the method can effectively eliminate the path redundancy and evidently improve the accuracy of node belief and consequently enhance the validity of prediction for attack paths.
作者 王辉 王云峰 王坤福
机构地区 河南理工大学计算机科学与技术学院 吉林大学电子科学与工程学院
出处 《计算机应用研究》 CSCD 北大核心 2015年第1期226-231,共6页 Application Research of Computers
基金 国家自然科学基金资助项目(51174263) 国家教育部博士点基金资助项目(20124116120004) 河南省教育厅科学技术研究重点项目(13A510325)
关键词 攻击图 路径冗余 节点置信度 攻击可行性 似然加权 attack graph path redundancy node belief attack feasibility likelihood weighting
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献15

  • 12012年中国互联网网络安全报告[EB/OL].2013.http://www.cert.org.cn/publish/maime46/index.html.
  • 2WHITLEY J N, PHAN R C W, WANG Jie, et al. Attribution of at- tack trees [ J ]. Computers and Electrical Engineering, 2011,37 (4) :624-628.
  • 3DALTON G C I I, EDGE K S, MILLS R F, et al. Analyzing security risks in computer and radio frequency identification (RFID) networks using attack and protection trees[ J]. International ,Journal of Secu- rity and Networks,2010,5(2-3) :87-95.
  • 4AMMANN P, PAMULA J, RITCHEY R, et al. A host-based ap- proach to network attack chaining analysis [ C ]//Proe of the 21 st An- num Conference on Computer Security Applications. [ S. 1. ] : IEEE Computer Society,2005:72- 81.
  • 5陈锋,毛捍东,张维明,雷长海.攻击图技术研究进展[J].计算机科学,2011,38(11):12-18. 被引量:14
  • 6HOMER J, OU Xin-ming. SAT-solving approaches to context-aware enterprise network security management[ J]. IEEE Journal on Se- lected Areas in Communications,2009,27(3):315-322.
  • 7HOMER J, VARIKUTI A, OU Xin-ming, et al. Improving attack graph visua//zation through data reduction and attack grouping[ C]// Proc of the 5th International Workshop on Visualization for Computer Security. 2008:68-79.
  • 8YU Dong, FRINCKE D. Improving the quality of alerts and predic- ting intruder' s next goal with hidden colored petri-net[ J]. Computer Networks, 2007,51 (3) :632-654.
  • 9石进,郭山清,陆音,谢立.一种基于攻击图的入侵响应方法[J].软件学报,2008,19(10):2746-2753. 被引量:17
  • 10MEHTA V, BARTZIS C,ZHU Hai-feng, et al. Ranking attack graphs [ C ]//Proc of the 9th International Symposium of Recent Advances in Intrusion Detection. 2006 : 127-144.

二级参考文献96

  • 1冯萍慧,连一峰,戴英侠,鲍旭华.基于可靠性理论的分布式系统脆弱性模型[J].软件学报,2006,17(7):1633-1640. 被引量:30
  • 2王永杰,鲜明,刘进,王国玉.基于攻击图模型的网络安全评估研究[J].通信学报,2007,28(3):29-34. 被引量:55
  • 3Beale J, Meer H, Temmingh R, et al. Nessus Network Auditing [M]. Rockland: Syngress Publisher, 1998.
  • 4xfocus team. xfocus[EB/OL], http://www, xfocus, net/tools/ 200507/1057. html, 2009.
  • 5Sheyner O, Jha S, Wing J M, et al. Automated Generation and Analysis of Attack Graphs[C]//Proc. of the IEEE Symp. on Security and Privacy. NJ .. IEEE, 2002 :273-284.
  • 6Swiler L P, Phillips C, Gaylor T. A Graph-based Network-vulnerability Analysis System[R]. California.. National Laboratories,1998.
  • 7Swiler L P, Phillips C, Ellis D, et al.. Computer-attack Graph Generation Tool[C]//DISCEX11. NJ :IEEE, 2001 : 307-321.
  • 8Ritehey R W, Ammann P. Using Model Checking to Analyze Network Vulnerabilities['C3//S&P 2000. NJ: IEEE, 2000 :156- 165.
  • 9Wang L, Yao C, Singhal A, et al. Interactive analysis of attack graphs using relational queries [C]//DBSec 2006. NJ: IEEE, 2006:119-132.
  • 10Sheyner O. Scenario graphs and attack graphs[D]. Pittsburgh: Carnegie Mellon University, 2004.

共引文献76

同被引文献59

引证文献7

二级引证文献19

计算机应用研究
2015年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部