期刊文献+
共找到3篇文章
< 1 >
每页显示 20 50 100
Heuristic multistep attack scenarios construction based on kill chain
1
作者 Cheng Jie Zhang Ru +4 位作者 Wei Jiahui Lu Chen Lü Zhishuai Lin Bingjie Xia Ang 《The Journal of China Universities of Posts and Telecommunications》 EI CSCD 2023年第5期61-71,共11页
Network attacks evolved from single-step and simple attacks to complex multistep attacks.Current methods of multistep attack detection usually match multistep attacks from intrusion detection systems(IDS)alarms based ... Network attacks evolved from single-step and simple attacks to complex multistep attacks.Current methods of multistep attack detection usually match multistep attacks from intrusion detection systems(IDS)alarms based on the correlation between attack steps.However,IDS has false negatives and false positives,which leads to incomplete or incorrect multistep attacks.Association based on simple similarity is difficult to obtain an accurate attack cluster,while association based on prior knowledge such as attack graphs is difficult to guarantee a complete attack knowledge base.To solve the above problems,a heuristic multistep attack scenarios construction method based on the kill chain(HMASCKC)model was proposed.The attack model graph can be obtained from dual data sources and heuristic multistep attack scenarios can be obtained through graph matching.The model graph of the attack and the predicted value of the next attack are obtained by calculating the matching value.And according to the purpose of the multistep attack,the kill chain model is used to define the initial multistep attack model,which is used as the initial graph for graph matching.Experimental results show that HMASCKC model can better fit the multistep attack behavior,the effect has some advantages over the longest common subsequence(LCS)algorithm,which can close to or match the prediction error of judge evaluation of attack intension(JEAN)system.The method can make multistep attack model matching for unknown attacks,so it has some advantages in practical application. 展开更多
关键词 multistep attack scenario kill chain graph matching attack prediction
原文传递
多步攻击告警关联模型构建与实现 被引量:1
2
作者 翟光群 周双银 《计算机应用》 CSCD 北大核心 2011年第5期1276-1279,共4页
为精简入侵检测系统产生的大量报警信息和分析攻击者的目的和动机,提出了新的报警信息关联模型。该模型通过事件关联把具有相似关系的报警信息关联后存储为元报警,然后根据报警类型知识库转换为超报警,最后根据超报警之间的因果关系进... 为精简入侵检测系统产生的大量报警信息和分析攻击者的目的和动机,提出了新的报警信息关联模型。该模型通过事件关联把具有相似关系的报警信息关联后存储为元报警,然后根据报警类型知识库转换为超报警,最后根据超报警之间的因果关系进行攻击关联,构建出攻击关联图。实验表明,该模型提高了报警处理效率,对识别攻击意图和提高报警准确性有较好的效果。 展开更多
关键词 入侵检测 报警信息 多步攻击 事件关联 超报警
下载PDF
航天器多约束空间抵近掠飞轨迹优化方法 被引量:3
3
作者 张庆泽 尹龙逊 +3 位作者 张强 王博 叶东 王佐伟 《空间控制技术与应用》 CSCD 北大核心 2022年第3期49-56,共8页
近距离掠飞能够以较小的燃料消耗实现对空间目标的抵近观测,是空间态势感知的重要手段.任务航天器抵近目标航天器后实施观测,需满足合适的观测距离、光照角度等诸多条件,该过程具有很强的约束性,因此需要寻找一种既能快速优化,又可使优... 近距离掠飞能够以较小的燃料消耗实现对空间目标的抵近观测,是空间态势感知的重要手段.任务航天器抵近目标航天器后实施观测,需满足合适的观测距离、光照角度等诸多条件,该过程具有很强的约束性,因此需要寻找一种既能快速优化,又可使优化后的轨道满足任务需求的优化算法.本文设计了一种综合多步优化和序列二次规划综合的优化算法,并提出了针对近程观测任务约束条件的简化模型,用以处理运算过程中的非线性约束问题,在符合任务需求和满足约束条件的前提下实现燃料最省的轨道机动.通过程序运算及仿真,验证了算法设计的有效性及简化模型的合理性. 展开更多
关键词 多步优化 序列二次规划 轨迹优化 空间攻防
下载PDF
上一页 1 下一页 到第
使用帮助 返回顶部