基于攻击能力增长的网络安全分析模型

网络脆弱性分析是近年来国内外研究的热点问题之一.基于攻击能力增长的网络安全性分析模型以攻击者的能力增长为主导,参考网络环境配置,模拟黑客攻击自动生成攻击图.使用攻击能力增长表示攻击者的最终目标使得攻击图的表示更为准确.最小攻击代价分析第1次考虑了相似攻击对攻击代价的影响,以便对各条路径的攻击代价进行计算;最小环境改变分析考虑入侵检测的因素对最可能的攻击路径进行分析,对于入侵检测系统的处理更加科学合理;两种分析都为改善网络配置提供了依据.与已有成果相比,模型提出的算法和方法更为实际可行.

A Network Security Analysis Model Based on the Increase in Attack Ability

In recent years, network vulnerability analysis, which is attracting more and more domestic researchers and foreign researchers, has become a hotspot in the field of information security. A new model of network security analysis based on the increase in attack ability is proposed. It takes into account the network environment and simulates the attacker's behavior, and considers improving the attack ability as attacker's ultimate target to generate attack graph. The method used to represent attack graph make the attack target more clear, because it uses the attack ability's increment to describe a goal, which is more accurate than the attack ability itself. The minimum attack cost analysis considers the influence of similar attacks to compute the cost of each path for the first time, which conforms to the actual process of attack execution. The minimum environment change analysis can help people find out which attack path is most likely to be adopted by the attacker, which deals with IDS in a more reasonable way. These two analysis methods are helpful for improving the network configuration. The algorithm of attack graph generation and the method to analyze the attack graph proposed by the network security analysis model is more feasible than the existing ones.