
Research on Attack Path Prediction Based on PANAG Model (cited by: 2)
Abstract: In order to accurately predict network attack paths, this paper proposes an attack path prediction method based on the Probabilistic Attribute Network Attack Graph (PANAG). The method uses the Common Vulnerability Scoring System to analyze vulnerability attributes, and designs a Node Vulnerability Clustering (NVC) algorithm to reduce the number of vulnerabilities. A probabilistic attribute network attack graph generation algorithm, GeneratNAG, is also given to avoid the state explosion that may occur once an attack graph has been generated. A comprehensive analysis is then made of the factors that influence the feasibility of network attacks, the concept of attack value is introduced, and a path generation algorithm based on attack value, BuildNAP, is proposed to eliminate redundant paths. On this basis, the PANAG model is used to quantitatively analyze the likelihood of different intrusion paths based on intrusion intent, and to predict the attack path that the attacker is most likely to take. Experimental results show that both the accuracy and the execution efficiency of the proposed method are high.
Authors: WANG Hui; ZHAO Ya; ZHANG Juan; LIU Kun (College of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454000, China)
Source: Computer Engineering (《计算机工程》; indexed in CAS, CSCD, Peking University Core), 2020, No. 9, pp. 154-162 (9 pages)
Funding: National Natural Science Foundation of China (61300216).
Keywords: state transition; Node Vulnerability Clustering (NVC); attack value; attack feasibility; intrusion intent