期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于攻击图和改进粒子群算法的网络防御策略 被引量:14

Improved PSO for network defense measures of weighted attack graph
下载PDF
导出
摘要 攻击图是网络安全定性分析的常用工具,能为安全管理员阻止恶意入侵提供重要依据。为了进行网络安全测评和主动防御,提出防御策略模型和基于该模型的改进二进制粒子群算法。基于攻击图中的每个入侵动作,构建带权防御策略集,意在突出防御代价。为以最小代价阻止网络恶意入侵,引入并改进了二进制粒子群算法BPSO,获取了攻击图的最小关键策略集。仿真实验证明,能有效获取最小关键策略集的优化解,并通过与蚁群算法及贪心算法进行对比实验,证明其更高效。 Attack graph is a common tool for qualitative analysis of network security, which provides important basis for network security administrators to prevent malicious intrusions. To evaluate the security of network and perform active defense, the paper presents a defense graph model and an improved binary particle swarm optimization algorithm. It builds defense measure set with weights based on each intrusion action in the attack graph, intends to highlight the defense costs. In order to minimize the cost to prevent malicious attacks, it introduces and improves binary particle swarm optimization algorithm BPSO, and obtains the minimum critical measure set of the attack graph. Simulation results show that it can effectively obtain the optimization solution of the minimum critical measure set, and through the comparison with traditional greedy algorithm experiments, it proves that it is a more efficient optimization algorithm.
作者 刘渊 李群 王晓锋
机构地区 江南大学数字媒体学院 江南大学物联网工程学院
出处 《计算机工程与应用》 CSCD 北大核心 2016年第8期120-124,共5页 Computer Engineering and Applications
基金 中央高校基本科研业务费专项资金项目(No.JUSRP51321B) 江苏自然科学基金重点(No.Bk2011003)
关键词 最小关键策略集 二进制粒子群算法 攻击图 防御代价 minimum critical measure set Binary Particle Swarm Optimization(BPSO) attack graph defence cost
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献14

  • 1Ammann P,Wijesekera D,Kaushik S.Scalable,graph-based network vulnerability analysis[C]//Proceedings of the 9th ACM Conference on Computer and Communications Security,2002:217-224.
  • 2Sheyner O.Scenario graphs and attack graphs[D].Pittsburgh,USA:Carnegie Mellon University,2004.
  • 3Wang L,Albanese M,Jajodia S.Minimum-cost network hardening[M]//Network hardening.[S.l.]:Springer International Publishing,2014:23-38.
  • 4Sheyner O,Haines J,Jha S,et al.Automated generation and analysis of attack graphs[C]//2002 IEEE Symposium on Security and Privacy,2002:273-284.
  • 5Jha S,Sheyber O,Wing J M.Minimization and reliability analyses of attack graphs[R].Pittsburgh,PA:School of Computer Science,Carnegie-Mellon Univ,2002.
  • 6金晶,孙东来,陈秀真.基于攻击图及蚁群算法的安全评估[J].信息安全与通信保密,2009,31(4):79-81. 被引量:9
  • 7Abadi M,Jalili S.A particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs[J].ISe Cure,2010,2(1).
  • 8阳春华,谷丽姗,桂卫华.自适应变异的粒子群优化算法[J].计算机工程,2008,34(16):188-190. 被引量:51
  • 9孙亮,李东,张涛.网络攻击图的自动生成[J].计算机应用研究,2006,23(3):119-122. 被引量:13
  • 10叶云,徐锡山,齐治昌,吴雪阳.大规模网络中攻击图自动构建算法研究[J].计算机研究与发展,2013,50(10):2133-2139. 被引量:27

二级参考文献51

  • 1张永铮,云晓春,胡铭曾.基于特权提升的多维量化属性弱点分类法的研究[J].通信学报,2004,25(7):107-114. 被引量:35
  • 2李朝荣,张鹰,张安妮.基于PSO算法的神经网络集成入侵检测系统[J].计算机工程,2007,33(14):123-124. 被引量:7
  • 3Ritchey R W,Ammann P.Using Model Checking to Analyze Network Vulnerabilities[J].Proceedings of the IEEE Symposium on Security and Privacy,Oakland,CA,2000.
  • 4Kumar V,Srivastava J,Lazarevic A.Managing Cyber Threats:Issues,App roaches and Challenges[M].Kluwer Academic Publishers,2003:247-266.
  • 5R Ritchey,P Ammann.Using Model Checking to Analyze Network Vulnerabilities[C].Proceedings of the IEEE Symposium on Security and Privacy,2001.156-165.
  • 6O Sheyner,J Haines,S Jha,et al.Automated Generation and Analysis of Attack Graphs[C].Proceedings of IEEE Symposium on Security and Privacy,2002.273-284.
  • 7O Sheyner.Scenario Graphs and Attack Graphs[D].Carnegie Mellon University,2004.
  • 8C Ramakrishnan,R Sekar.Model-based Vulnerability Analysis of Computer Systems[C].Proceedings of the 2nd International Workshop on Verification,Model Checking and Abstract Interpretation,1998.
  • 9V Kumar,J Srivastava,A Lazarevic.Managing Cyber Threats:Issues,Approaches and Challenges[M].Kluwer Academic Publishers,2003.247-266.
  • 10P Ammann,D Wijesekera,S Kaushik.Scalable,Graph-based Network Vulnerability Analysis[C].Proc.of the 9th ACM Conference on Computer and Communications Security,2002.217-224.

共引文献401

同被引文献106

引证文献14

二级引证文献32

计算机工程与应用
2016年 第8期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部