
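Optimal security hardening measures selection model based on Bayesian attack graph
Cite this article: GAO Ni, GAO Ling, HE Yiyue, WANG Fan. Optimal security hardening measures selection model based on Bayesian attack graph[J]. Computer Engineering and Applications, 2016, 52(11): 125-130.
Authors: GAO Ni  GAO Ling  HE Yiyue  WANG Fan
Affiliations: 1. School of Information Science and Technology, Northwest University, Xi'an 710127; 2. School of Information, Xi'an University of Finance and Economics, Xi'an 710100; 3. School of Economics and Management, Northwest University, Xi'an 710127
Abstract: Current attack-graph-based active defense techniques for network security rarely consider the uncertainty present in network attacks when computing the optimal hardening strategy. To address this, an Optimal Hardening Measures Selection model based on Bayesian Attack Graphs (HMSBAG) is proposed. The model describes the uncertainty of attack behavior through the probability of successful vulnerability exploitation and the probability of successful attack. It uses Bayesian belief networks to build a probabilistic attack graph that describes the causal relationships among the multi-step atomic attacks in an attack, and from this assesses the current network risk. It constructs economic indicators for hardening cost and attack benefit, together with methods for quantifying them, and, applying cost-benefit analysis, proposes a particle-swarm-based algorithm for selecting the optimal security hardening strategy. Experiments verify the feasibility and effectiveness of the model for hardening-strategy decisions, effectively reducing network security risk.

Keywords: attack graph  Bayesian network  protective measures  particle swarm algorithm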

Optimal security hardening measures selection model based on Bayesian attack graph
GAO Ni, GAO Ling, HE Yiyue, WANG Fan. Optimal security hardening measures selection model based on Bayesian attack graph[J]. Computer Engineering and Applications, 2016, 52(11): 125-130.
Authors:GAO Ni  GAO Ling  HE Yiyue  WANG Fan
Affiliation: 1. School of Information Science & Technology, Northwest University, Xi’an 710127, China; 2. School of Information, Xi’an University of Finance and Economics, Xi’an 710100, China; 3. School of Economics & Management, Northwest University, Xi’an 710127, China
Abstract: Active defense technology based on attack graphs has been applied successfully to network security. However, the uncertainty about attacker actions is rarely considered when calculating the optimal countermeasure. To address this, an Optimal Hardening Measures Selection model based on Bayesian Attack Graphs (HMSBAG) is presented in this paper. The model describes the uncertainty of attack actions using the probability of successful exploits and the probability of successful attacks. A probabilistic attack graph, which describes the cause-consequence relationships among the multi-step atomic attacks in one attack process, is then built using Bayesian belief networks to assess the current network risk. Using cost-benefit analysis, economic indices of hardening cost and attack benefit are constructed, and an optimal hardening measures selection algorithm based on particle swarm optimization is presented. Experimental results validate the feasibility and effectiveness of the model in deciding on optimal hardening measures to reduce network security risk.
Keywords:attack graph  Bayesian network  countermeasure  particle swarm optimization  