摘要
在网络风险评估中,攻击图模型用于表达网络存在的脆弱点以及脆弱点之间的关联关系,传统方法通过主观经验确定攻击图中状态转移的权重,给状态转移概率的确定带来较大不准确性。为提高其准确性,通过将脆弱点的攻击难度作为状态转移概率的确定标准,构建基于马尔科夫链的攻击图模型。搭建实验环境,将该模型应用到实际环境中,得到了准确的状态转移概率。该模型摒弃了传统概率确定方法中的主观性,有效提高了概率确定的准确性。
The attack graph model is one of the models expressing vulnerabilities existing in the network and the relationship among vulnerabilities in the assessment of network risk.In traditional methods,subject experiences are used to determine the weight of state transition,it brings a great deal of inaccuracy to the determination of state transition probability.To improve its accuracy,the attack difficulty of vulnerability was taken as the criteria of determining the state transition probability,and an attack graph model based on Markov chain was constructed.The experimental environment was set up,and the model was applied to the actual environment,the accurate state transition probability was obtained then.The model abandons the subjectivity of the conventional method,and effectively improves the accuracy of probability determining.
出处
《计算机工程与设计》
CSCD
北大核心
2014年第12期4131-4135,共5页
Computer Engineering and Design
基金
国家自然科学基金项目(61272419)
关键词
马尔科夫链
攻击图
攻击难度
状态转移概率
脆弱点
Markov chain
attack graph
attack difficulty
state transition probability
vulnerability
