期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于攻击意愿分析的网络风险动态评估模型 被引量:16

A Dynamic Network Risk Assessment Model Based on Attacker's Inclination
下载PDF
导出
摘要 针对目前利用攻击图进行风险评估时,存在过于依赖已知漏洞知识库、仅仅利用原子攻击本质属性进行量化分析而没有很好地关联攻击者主观的攻击意愿等问题,提出了一种基于攻击者攻击意愿分析的动态风险评估模型.通过融合已知威胁和潜在威胁构建原子攻击库,分析在系统网络环境下不同时期攻击者所面临的攻击压力,量化攻击者决策时的攻击意愿,将攻击意愿和原子攻击本身的攻击性质加入到贝叶斯网络攻击图的动态推理模型中.实验证明了该模型的合理性,并且该系统更适合于实际网络环境下的实时风险评估. This article proposes a new dynamic network risk analysis model based on attackers'inclination in order to solve some problems of the traditional risk analysis method based on attack graph.Traditional attack graph based on risk assessment method relies highly on the known vulnerability database and only analyzes the atomic attacks'attribute regardless of the relationship between attack strategies and attackers'inclination.In our model we take both the existing vulnerabilities and unknown threatens into consideration,then evaluate the attackers pressures during different attack periods so that we quantize the attackers'inclination dynamically under the network environment.Then,we add the attackers'inclination factors and atomic attack attributes into graph based risk assessment model,and we create a new type of attack graph using attackers'inclination factors.Finally we set up a dynamic risk assessment method by using Bayesian reasoning engine.We convert our static attack to the dynamic Bayesian attack graph,and use the posterior probability computed by Bayesian reasoning engine to realize the dynamic risk assessment.We establish a realworld experiment environment to simulate our dynamic risk assessment model based on attackers'inclination and validate its function.Experimental results demonstrate the rationality of this model,and prove that this system is more suitable for real-time risk assignment under the actual network environment.
作者 马春光 汪诚弘 张东红 李迎涛
机构地区 哈尔滨工程大学计算机科学与技术学院
出处 《计算机研究与发展》 EI CSCD 北大核心 2015年第9期2056-2068,共13页 Journal of Computer Research and Development
基金 国家自然科学基金项目(61170241 61472097) 黑龙江省自然科学基金项目(F201229) 高等学校博士学科点专项科研基金项目(20132304110017)
关键词 贝叶斯攻击图 攻击压力 攻击意愿 潜在威胁 风险评估 Bayesian attack graph attack pressure attacker's inclination potential threats risk assessment
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献20

  • 1Phillips C, Swiler L P. A graph-hased system for network- vulnerability analysis [C] //Proc of the 1998 Workshop on New Security Paradigms. New York: ACM, 1998:71-79.
  • 2Swiler L P, Phillips C, Ellis D, et al. Computerattack graph generation tool [C] //Proe of DARPA Information Survivability Conf. Piscataway, NJ: IEEE, 2001: 307-321.
  • 3Jha S, Sheyner O, Wing J. Two formal analyses of attack graphs [C] //Proc of Computer Security Foundations Workshop. Piscataway, NJ: IEEE, 2002: 49-63.
  • 4Ammann P, Wijesekera D, Kaushik S. Scalable, graph- based network vulnerability analysis [C] //Proc of the 9th ACM Conf on Computer and Communications Security. New York: ACM, 2002:217-224.
  • 5Sheyne O, Haines J, Jha S, et al. Automated generation and analysis of attack graphs [C] //Proc of IEEE Syrup on Security and Privacy. Los Alamitos, CA: IEEE Computer Sciety, 2002:273-284.
  • 6Wang Lingyu, Yao Chao, Singhal A, et al. Interactive analysis of attack graphs using relational queries [C] //Proc of the 20th Annual IFIP Working Conf on Data Applications Security. Berlin: Springer, 2006:119-132.
  • 7Ingols K, Chu M, Lippmann R, et al. Modeling modern network attacks and counter measures using attack graphs [C] //Proc of Computer Security Applications Conf. Piscataway, NJ: IEEE, 2009:117-126.
  • 8Dantu R, Loper K, Kolan L. Risk management using behavior based attack graphs [C] //Proc of Int Conf Information Technology: Coding and Computing. Piscataway, NJ: IEEE, 2004: 445-449.
  • 9Liu Y, Man H. Network vulnerability assessment using Bayesian networks [C] //Proc of SPIE 5812: Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security. Bellingham: SHE, 2005: 61-71.
  • 10张少俊,李建华,宋珊珊,李斓,陈秀真.贝叶斯推理在攻击图节点置信度计算中的应用[J].软件学报,2010,21(9):2376-2386. 被引量:29

二级参考文献13

  • 1王永杰,鲜明,刘进,王国玉.基于攻击图模型的网络安全评估研究[J].通信学报,2007,28(3):29-34. 被引量:56
  • 2SHEYNER O, HAINES J, JHA S,et al. Automated generation and a- nalysis of attack graphs [ C ]///Proc of IEEE Symposium on Security and Privacy. Washington DC :IEEE Computer Sciety,2002:273-284.
  • 3WANG Ling-yu, YAO Chao, SINGHAL A, et al. Interactive analysis of attack graphs using relational queries [ C ]//Proc of the 20th Annual IFIP Working Conference on Data & Applications Security. 2006:119- 132.
  • 4WANG Ling-yu, ISLAM T, LONG Tao, et al. An attack graph-based probabilistic security metric [ C ]//Proc of the 22nd International Fede-ration for Information Processing. Berlin:Springer-Verlag,2008: 283-296.
  • 5FRIGAULT M, WANG Ling-yu. Measuring network security using dynamic Bayesian network [ C ]//Proc of the 4th Conference on Com- puter and Communications Security ACM Workshop on Quality of Pro- tection. New York : ACM Press ,2008:23- 30.
  • 6POOLSAPPASIT N, DEWRI R, RAY I. Dynamic security risk mana- gement using Bayesian attack graphs[ J]. IEEE Trans on Dependa- ble and Secure Computing ,2012,9 ( l ) :61-74.
  • 7AMMANN P, WIJESEKERA D, KAUSHIK S. Scalable, graph- based network vulnerability analysis[ C ]//Proc of the 9th ACM Con- ference on Computer and Communications Security. New York:ACM Press, 2002 : 217 - 224.
  • 8GB/T20984,信息安全技术一信息安全风险评估规范[s].北京:中国标准出版社,2007.
  • 9MELL P, SCARFONE K, ROMANOSKY S. The common vulnerabi- lity scoring system (CVSS) and its applicability to federal agency sys- tems, NIST IR 7435 [ R ]. Gaithersburg : U. S. Department of Com- merce, 2007.
  • 10CVE. Common vulnerabilities and exposures [ EB/OL]. (2012-12- 18 ) [ 2012-12-29 ]. http ://www. cve. mitre, org/.

共引文献40

同被引文献120

引证文献16

二级引证文献130

计算机研究与发展
2015年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部