摘要
针对现有攻击图构建方法适用的网络规模受限的问题,通过分析现有方法存在的缺陷及构建过程中的特点,使构建攻击图转化为威胁行动属性之间的模式匹配,将Rete引入到攻击图构建过程中,提出基于Rete的攻击图构建方法。实验结果表明,该方法具有较好的构建效率,能够适用于大规模网络的攻击图构建。
Aiming at the problem that the applicable network scale for existing attack graph generation methods is limited, through analysis of the shortage of the existing attack graph construction methods and the characteristics of the construction process, the constructed attack graph is transformed into a pattern matching between the threat action properties. Rete is introduced into the construction process of attack graph, an attack graph building method based on Rete is proposed. Experimental results show that the method has better construction efficiency and can be applied to the construction of attack graph in large-scale network.
出处
《计算机工程》
CAS
CSCD
北大核心
2018年第3期151-155,165,共6页
Computer Engineering
关键词
网络安全
攻击图
RETE算法
大规模网络
攻击图构建
模式匹配
network security
attack graph
Rete algorithm
large-scale network
attack graph generation
patternmatch
