首页 | 本学科首页   官方微博 | 高级检索  
     

基于攻击模式的反向搜索攻击图生成算法
引用本文:赵豹,张怡,孟源. 基于攻击模式的反向搜索攻击图生成算法[J]. 计算机工程与科学, 2011, 33(7): 18-24. DOI: 10.3969/j.issn.1007-130X.2011.07.004
作者姓名:赵豹  张怡  孟源
作者单位:1. 95972部队,甘肃九泉,735018
2. 国防科学技术大学计算机学院,湖南长沙,410073
基金项目:国家863计划资助项目
摘    要:在使用攻击图方法分析网络中脆弱性之间关系时,网络规模一直是制约攻击图生成算法效率的根本因素.本文提出了一个基于攻击模式的高效攻击图反向生成算法.首先,对已有网络模型做出改进,提出了新型的基于网络中关键属性的模型,该模型使用子网掩码压缩网络连接关系,达到缩小网络规模的目的.其次,使用网络模型中的关键属性对脆弱性进行描述,...

关 键 词:脆弱性  属性攻击图  攻击模式

A Backward Search Approach to Attack Graph Generation Based on Attack Patterns
ZHAO Bao,ZHANG Yi,MENG Yuan. A Backward Search Approach to Attack Graph Generation Based on Attack Patterns[J]. Computer Engineering & Science, 2011, 33(7): 18-24. DOI: 10.3969/j.issn.1007-130X.2011.07.004
Authors:ZHAO Bao  ZHANG Yi  MENG Yuan
Abstract:Automated generation of attack graphs always encounters efficiency problem when using attack graphs to analyse the vulnerabilities of large networks.This paper proposes a backward approach to attack graphs generation based on attack patterns with great efficiency.Firstly,we propose a novel model of network based on the key attributes of networks,which is improved upon the previous models.This model optimizes the network connections and downsizes the network.Secondly,after abstracting a large number of vulnerabilities,we sum up a few attack patterns,based on which we build an efficiency approach to attribute attack graphs generation.Thirdly,the backward approach we propose solves the problem of loop attack paths.Finally,the experimental result shows that,our backward approach generates partial attack graphs which illustrate the potential interrelations among the known vulnerabilities just related to the given attack goal in the targeted network,while other forward approaches generate full attack graphs.And we show the experimental evidence that our attribute attack graph generation algorithm is very efficient,the complexity of the algorithm is between O(|H|2) and O(|H|3).
Keywords:vulnerability  attribute attack graph  attack pattern
本文献已被 万方数据 等数据库收录!
点击此处可从《计算机工程与科学》浏览原始摘要信息
点击此处可从《计算机工程与科学》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号