共查询到17条相似文献,搜索用时 370 毫秒
1.
该文首先利用属性攻击图理论构建了网络动态威胁分析属性攻击图(DT-AAG)模型,该模型在全面刻画系统漏洞和网络服务导致的威胁转移关系的基础上,结合通用漏洞评分标准(CVSS)和贝叶斯概率转移计算方法设计了威胁转移概率度量算法;其次基于构建的DT-AAG模型,利用威胁与漏洞、服务间的关联关系,设计了动态威胁属性攻击图生成算法(DT-AAG-A),并针对生成的属性攻击图存在的威胁传递环路问题,设计了环路消解机制;最后通过实验验证了该模型和算法的有效性。 相似文献
2.
现有研究者采用威胁建模和安全分析系统的方法评估和预测软件定义网络(software defined network, SDN)安全威胁,但该方法未考虑SDN控制器的漏洞利用概率以及设备在网络中的位置,安全评估不准确。针对以上问题,根据设备漏洞利用概率和设备关键度结合PageRank算法,设计了一种计算SDN中各设备重要性的算法;根据SDN攻击图和贝叶斯理论设计了一种度量设备被攻击成功概率的方法。在此基础上设计了一种基于贝叶斯攻击图的SDN安全预测算法,预测攻击者的攻击路径。实验结果显示,该方法能够准确预测攻击者的攻击路径,为安全防御提供更准确的依据。 相似文献
3.
针对网络攻击出现的大规模、协同、多阶段的特点,提出一种基于攻击图模型的网络安全态势评估方法。首先,结合攻击事件的时空特征融合多源告警数据构建网络攻击行为特征;其次,基于告警信息映射攻击节点,关联多步攻击的路径;再次,在构建攻击图的基础上,结合转移序列构建攻击节点转移概率表,将转移概率引入攻击图中,推断攻击者的攻击意图;最后,针对最大可能的攻击路径,对大概率的攻击节点进行安全态势评估,科学量化网络攻击后潜在攻击节点的安全态势,为网络安全管理人员提前做好防护提供理论支撑和科学依据。 相似文献
4.
针对目前主机安全评估方法中无法准确计算主机安全值,忽略攻击图中主机关联性等问题,提出一种基于攻击图的主机安全评估方法。首先,生成主机攻击图,从漏洞自身、时间、环境和操作系统可利用性4个角度量化原子攻击概率并计算主机攻击概率。然后,根据专家先验评估和相关性定权法计算主机资产重要性,依据攻击图中主机间的关联关系计算主机的拓扑结构重要性。最后,依据主机漏洞影响值、主机重要性和主机攻击概率计算主机安全值。实验结果表明,所提方法得到的主机重要性和安全值符合真实网络情况,能够更全面准确地反映主机的安全状况;所提方法得到的主机安全值标准差为0.078,大于其他方法得到的安全值标准差,表明所提方法得到的安全值离散程度更大,更易于区分安全等级和后续的风险处置优先级。 相似文献
5.
6.
传统的病毒检测系统、网络防火墙、入侵检测系统等技术只能够检测出已知的大部分威胁,但却无法检测出网络中存在的潜在的问题。为此,文中提出了一种基于攻击图的渗透测试方法。首先,考虑到攻击持续时间、攻击类型等方面因素,对现有的攻击图方法进行改进,提出一种新的攻击图技术;其次,基于实际应用,从攻击的路径、时间、代价、方式等方面综合考虑,提出攻击图最优攻击路径选择策略;最后,设计基于攻击图的渗透测试模型,并进行了试验测试。测试结果表明,该渗透测试算法能够更好的模拟现实世界中的真实攻击。同时能够对当前设备的安全状态进行评估,可以在实际渗透测试中进行应用。 相似文献
7.
使用因果关联方法构建攻击场景时,漏报警易引发关联图的分裂.针对此问题,提出了一种改进的基于因果关联的攻击场景重构方法.该方法根据报警相关度确定可组合的关联图,利用网络弱点和攻击关系推出漏报警,使得分裂的关联图能够组合起来,进而重建完整的攻击场景.实验结果表明了该方法的有效性. 相似文献
8.
9.
10.
11.
To predict the attack behaviors accurately and comprehensively as well as to quantify the threat of attack,a quantitative method for network security situation based on attack prediction was proposed.By fusing the situation factors of attacker,defender and network environment,the capability of attacker and the exploitability rate of vulnerability were evaluated utilizing the real-time detected attack events,and the expected time-cost for attack-defense were further calculated.Then an attack prediction algorithm based on the dynamic Bayesian attack graph was designed to infer the follow-up attack actions.At last,the attack threat was quantified as the security risk situation from two levels of the hosts and the overall network.Experimental analysis indicates that the proposed method is suitable for the real adversarial network environment,and is able to predict the occurrence time of attack accurately and quantify the attack threat reasonably. 相似文献
12.
The known-key establishment template and others full control of experimental equipment preconditions are required to implement the traditional template attack.The preconditions restrict the application scenario of template attack.The template attack is only applied to the device that the key input can be controlled.In order to resolve the restrictive preconditions,a novel method of template attack based on clustering was proposed.The clustering EM algorithm was modified according to the characteristics of information leakage model in the method.The modified clustering methods accurately fitted the leaked information probability model in the case of unknown key,the location of information leakage could be determined.Then the attack established the templates in the location,and implemented template matching.The proposed method eliminates the dependence of traditional template attacks on per-conditions and expand the application scenario of template attack. 相似文献
13.
Aiming at the problem of ignoring the impact of attack cost and intrusion intention on network security in the current network risk assessment model,in order to accurately assess the target network risk,a method of network intrusion intention analysis based on Bayesian attack graph was proposed.Based on the atomic attack probability calculated by vulnerability value,attack cost and attack benefit,the static risk assessment model was established in combination with the quantitative attack graph of Bayesian belief network,and the dynamic update model of intrusion intention was used to realize the dynamic assessment of network risk,which provided the basis for the dynamic defense measures of attack surface.Experiments show that the model is not only effective in evaluating the overall security of the network,but also feasible in predicting attack paths. 相似文献
14.
在云计算环境中存在庞大的任务数,为了能更加高效地完成任务请求,如何进行有效地任务调度是云计算环境下实现按需分配资源的关键。针对调度问题提出了一种基于蚁群优化的任务调度算法,该算法能适应云计算环境下的动态特性,且集成了蚁群算法在处理NP-Hard问题时的优点。该算法旨在减少任务调度完成时间。通过在CloudSim平台进行仿真实验,实验结果表明,改进后的算法能减少任务平均完成时间、并能在云计算环境下有效提高调度效率。 相似文献
15.
16.