Network Asset Security Assessment Model Based on Bayesian Attack Graph
Abstract: Current attack graph models do not consider the reuse of vulnerabilities, and their risk probability calculations are neither comprehensive nor accurate. To evaluate the security of a network asset environment accurately, a network asset security assessment model based on the Bayesian attack graph is proposed. First, the success probabilities of atomic attacks are calculated from vulnerability exploitability, host protection strength, temporal exploitability of the vulnerability, and vulnerability source, and the attack graph is quantified with a Bayesian network. Second, according to the reuse of vulnerabilities, the success probabilities of some atomic attacks and the corresponding prior reachability probabilities are corrected, giving an assessment of the static security risk of network assets. Third, the reachability probabilities of related nodes are updated dynamically according to attack events occurring in real time, giving a dynamic assessment of network asset security risk. Finally, the proposed model is analyzed and verified through experimental simulation and comparison with existing work.

Authors: ZENG Kunlun (曾昆仑); ZHANG Ni (张尼); LI Weihao (李维皓); QIN Yuanyuan (秦媛媛) (National Computer System Engineering Research Institute of China, Beijing 100083, China)

Source: Computer Science (《计算机科学》), CSCD, Peking University Core (北大核心), 2023, No. 12, pp. 349-358, 10 pages in total

Keywords: Bayesian attack graph; Attack event; Security assessment; Posterior probability; Risk probability