摘要
对公共网络协同防护攻击性进行准确建模,可以对公共网络协同防护攻击进行有效防御。进行协同防护攻击性建模时,应分析公共网络协同防护攻击路径,并生成公共网络协同防护攻击图,依据攻击图中脆弱点的攻击难度确定协同防护攻击状态转移概率完成建模,传统的方法主要通过预测各攻击子路径的风险来进行建模,不能生成准确的协同防护攻击图,无法计算协同防护攻击状态转移概率,导致建模误差大。提出扩展马尔科夫链的公共网络协同防护攻击性建模方法。获取公共网络资源状态节点集合,给出攻击图节点置信度,构造公共网络协同防护攻击路径,并计算各攻击子路径的风险成本,组建协同防护攻击行为的风险系数模型,获得各种攻击状态节点转移相应的权重,确定相应的攻击状态转移概率,并组建公共网络协同防护攻击图。将协同防护攻击脆弱点的攻击难度作为协同防护攻击状态转移概率的确定标准,完成基于扩展马尔科夫链的公共网络协同防护攻击性模型构建。仿真结果表明,所提方法可以有效地提高公共网络节点的置信度,提升对攻击路径的预测能力。
A modeling method of collaborative protection aggressiveness in public network is proposed based on the extended Markov chain. Firstly, the state node set of public network information is obtained and the confidence degree of attack graph node is given to build the attack path of collaborative protection. The risk cost of each attack sub - path is also calculated and the risk coefficient model of collaborative protection attack is built to obtain the corresponding weight of various attack state node. Then the corresponding state transition probability is confirmed and the attack graph is built. Finally, the attack difficulty of collaborative protection attack vulnerability is used as the confirmed standard of state transition probability and the modeling of collaborative protection aggressiveness in public network is completed based on the extended Markov chain. The simulation results show that the method mentioned above can improve the confidence degree of public network node effectively. It can enhance the prediction ability of attack path.
作者
李凤
陈婷婷
LI Feng CHEN Ting - ting(Nanchang University College of Science and Technology, Nanchang Jjiangxi 330029, Chin)
出处
《计算机仿真》
北大核心
2017年第6期298-301,共4页
Computer Simulation
关键词
公共网络
协同防护攻击
数学建模
Public network
Collaborative protection attack
Mathematical modeling