| 面向攻击图构建的网络连通性分析 |
| |
| 引用本文: | 黎翰,张少俊,陈秀真,陈晓桦.面向攻击图构建的网络连通性分析[J].计算机工程,2009,35(18):116-118. |
| |
| 作者姓名: | 黎翰 张少俊 陈秀真 陈晓桦 |
| |
| 作者单位: | 上海交通大学信息安全工程学院,上海,200240 |
| |
| 基金项目: | 国家自然科学基金资助项目,国家"863"计划基金资助项目,教育部博士点基金资助项目 |
| |
| 摘 要: | 针对目前网络攻击图构建系统的需求,设计网络连通性分析算法。通过对网络拓扑及防火墙规则进行离线分析,可以判断网络中由若干台过滤设备分隔的任意2台主机间的连通性。引入关键实体集的概念,结合经典的Apriori算法提出一种快速有效的获取关键实体集的方法。分析对比表明,关键实体集可以在连通性分析过程中为网络中各节点的重要性评估提供有力依据。
|
| 关 键 词: | 网络连通性 攻击图 关键实体集 |
| 修稿时间: | |
Analysis of Network Connectivity for Attack Graph Construction |
| |
| LI Han,ZHANG Shao-jun,CHEN Xiu-zhen,CHEN Xiao-hua.Analysis of Network Connectivity for Attack Graph Construction[J].Computer Engineering,2009,35(18):116-118. |
| |
| Authors: | LI Han ZHANG Shao-jun CHEN Xiu-zhen CHEN Xiao-hua |
| |
| Affiliation: | Information Security Engineering Institute;Shanghai Jiaotong University;Shanghai 200240 |
| |
| Abstract: | This paper designs a network connectivity analysis algorithm according to the present techniques and the need of attack graph construction system.By using connectivity analysis, network topology and firewall rule analysis can be performed offline, which determines the connectivity between two hosts.It introduces a conception of Critical Entity Collection(CEC).An effective way of CEC detection is presented on the basis of classic Apriori algorithm.Deep analysis and comparison show that CEC provides effective... |
| |
| Keywords: | network connectivity attack graph Critical Entity Collection(CEC) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
