基于贝叶斯攻击图的动态安全风险评估模型

攻击者通过分析网络中漏洞的相互关联关系逐步攻破多个漏洞，而攻击图模型虽然能描述网络内潜在威胁的传播路径，但未充分考虑攻击事件对攻击图中所有属性节点置信度的动态影响。为此，提出一种基于贝叶斯攻击图的动态风险评估(dynamic risk assessment based on Bayesian attack graphs, DRA-BAG)模型。该模型运用贝叶斯信念网络建立用于描述攻击行为中多步原子攻击间因果关系的概率攻击图，其中采用通用漏洞评分系统指标计算漏洞利用成功概率，并利用局部条件概率分布表评估属性节点的静态安全风险；进而结合入侵检测系统观测到的实时攻击事件，运用贝叶斯推理方法对单步攻击行为的后验概率进行动态更新，最终实现对目标网络整体安全性的评估。实验结果表明，本文方法可评估动态安全风险和推断攻击路径，为实施安全防护策略提供依据。

Dynamic Security Risk Assessment Model based on Bayesian Attack Graph

Attackers break several vulnerabilities gradually by analyzing mutual relationship of network vulnerabilities. Attack graph model can describe the potentially threatening propagation path in the network, but it is not fully considered that all attribute node beliefs of attack graph are influenced dynamically by the observed attack events. Based on the above, this paper presents a dynamic risk assessment model based on Bayesian attack graph. The probability attack graph, which describes the cause-consequence relationships among the steps in one attack progress, is built by using Bayesian belief networks. The probability of vulnerabilities, which is successfully executed by an attacker, is computed by using index of common vulnerability scoring system, and the static security risk of the property node is assessed by introducing local conditional probability tables. Then, by combining real-time attack events being observed by intrusion detection system, the posterior probability is calculated dynamically when the attack occurred by applying Bayesian inference. Finally, the security risk of the target networks is evaluated. Experimental results show that the model can assess dynamical security risk and deduce attack path, and provide effective guidance for taking security hardening strategy.