摘要
为降低网络安全风险,更好地实现网络攻击路径的优化,在现有网络攻击图的基础上构建SQAG模型对网络攻击进行建模。该模型将攻击过程离散化,每一时刻的攻击图包含攻击者在当前时刻已经占据的节点。同时利用攻击熵优化算法对子攻击路径进行成本收益分析,从而消除冗余路径。通过对攻击过程进行合理的推演,将精确推理的联结树算法应用到时序网络攻击图中,实时得到任意时刻攻击图的节点置信度。实验结果表明,在防火墙收紧访问尺度情况下,该模型网络攻击节点置信度随时间延长而降低,利用攻击熵优化算法消除冗余路径,可得到更准确的节点置信度。
In order to reduce network security risks and better realize the optimization of network attack paths,this paper constructs a SQAG model for network attacks based on the existing network attack graphs.The model discretizes the attack process,in which the attack graph at each moment contains the nodes occupied by the attacker at that time.The attack entropy optimization algorithm is used to implement cost-benefit analysis of sub-attack paths,so as to reasonably eliminate redundant paths.Through reasonable deduction of the attack process,the joint tree algorithm that performs precise reasoning is applied to the sequential network attack graph to obtain the node confidence degree of the attack graph at any moment in real time.Experimental results show that when the firewall tightens the access scale,the confidence degree of each node in the proposed model decreases with time in the attack process.The redundant paths are eliminated by using the attack entropy optimization algorithm to obtain a more accurate confidence degree of nodes.
作者
张俊
张安康
王辉
ZHANG Jun;ZHANG Ankang;WANG Hui(School of Computer Science and Technology,Henan Polytechnic University,Jiaozuo,Henan 454000,China)
出处
《计算机工程》
CAS
CSCD
北大核心
2020年第10期143-150,共8页
Computer Engineering
基金
国家自然科学基金(61300216)。
关键词
SQAG模型
置信度
攻击熵
成本收益分析
联结树算法
SQAG model
confidence degree
attack entropy
cost-benefit analysis
joint tree algorithm
