| 基于网络漏洞的复合攻击预测方法研究 |
| |
| 引用本文: | 路凯,于红彬,齐英兰.基于网络漏洞的复合攻击预测方法研究[J].网络安全技术与应用,2011(12):19-22. |
| |
| 作者姓名: | 路凯 于红彬 齐英兰 |
| |
| 作者单位: | 1. 许昌电气职业学院,河南,461000
2. 河南省轻工业职工大学,河南,450002 |
| |
| 摘 要: | 入侵检测系统可以检测到攻击,但不能预测攻击者下一步的攻击。本文分析了基于攻击为预测方法的不足,提出了一种基于网络弱点的攻击预测方法。该方法使用报警关联方法建立报警关联图,然后利用网络弱点和攻击的关系预测攻击者的下一步攻击。最后,通过实验验证了该方法的有效性。
|
| 关 键 词: | 攻击 攻击预测 网络弱点 报警关联 |
Forecast Algorithm For Multi-step Attack Based On Network Vulnerability |
| |
| Lu Kai,Yu Hongbin,Qi Yinglan Xuchang Electrical Vocational College,Henan,China Henan Province Light Industry Vocational University,China.Forecast Algorithm For Multi-step Attack Based On Network Vulnerability[J].Net Security Technologies and Application,2011(12):19-22. |
| |
| Authors: | Lu Kai Yu Hongbin Qi Yinglan Xuchang Electrical Vocational College Henan China Henan Province Light Industry Vocational University China |
| |
| Affiliation: | Lu Kai1,Yu Hongbin2,Qi Yinglan3 1Xuchang Electrical Vocational College,Henan,461000,China 2Henan Province Light Industry Vocational University,450002,China |
| |
| Abstract: | Attack can be only detected,but cannot forecast the attacker's next attack by intrusion detection system.This paper proposes a forecast method based on the network vulnerability.This method constructs the correlation graphs through alert correlation,and deduces the attacker's next attack by analyzing the relationship between network vulnerability and exploit.In the end,the validity of the algorithm is proved by the experimental results. |
| |
| Keywords: | attack forecast attack network vulnerability alert correlation |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
