| 基于攻击图模型的网络安全态势评估方法 |
| |
| 引用本文: | 周安顺,王绥民.基于攻击图模型的网络安全态势评估方法[J].移动通信,2021(2):104-108. |
| |
| 作者姓名: | 周安顺 王绥民 |
| |
| 作者单位: | 中国联合网络通信有限公司海南省分公司创新研究院;中国联合网络通信有限公司海南省分公司 |
| |
| 摘 要: | 针对网络攻击出现的大规模、协同、多阶段的特点,提出一种基于攻击图模型的网络安全态势评估方法.首先,结合攻击事件的时空特征融合多源告警数据构建网络攻击行为特征;其次,基于告警信息映射攻击节点,关联多步攻击的路径;再次,在构建攻击图的基础上,结合转移序列构建攻击节点转移概率表,将转移概率引入攻击图中,推断攻击者的攻击意图;...
|
| 关 键 词: | 深度学习 时空特征 攻击图 转移概率 安全态势 |
Network Security Situation Assessment Method Based on Attack Graph Model |
| |
| ZHOU Anshun,WANG Suimin.Network Security Situation Assessment Method Based on Attack Graph Model[J].Mobile Communications,2021(2):104-108. |
| |
| Authors: | ZHOU Anshun WANG Suimin |
| |
| Affiliation: | (China Unicorn Hainan Branch,Haikou 572500,China) |
| |
| Abstract: | In view of the large-scale,collaborative and multi-stage characteristics of network attacks,a network security situation assessment method is proposed based on attack graph model.Firstly,the behavior characteristics of network attacks are constructed based on the combination of spatiotemporal characteristics of attack events and the fusion of the multisource alarm data.Secondly,the attack nodes are mapped based on the alarm information,and the multi-step attack paths are associated.Thirdly,based on the construction of attack graph,the table of node transition probabilities is constructed by combining the transition sequence,and the transition probabilities are introduced into the attack graph to infer the attacker's attack intention.Finally,for the most possible attack path,the security situation is evaluated for the attack nodes with the high probability,and then the security situation of potential attack nodes after network attack is scientifically quantified.The results provide theoretical support and scientific basis for network security managers to prepare the proper protections in advance. |
| |
| Keywords: | deep learning spatiotemporal characteristics attack graph transition probability security situation |
| 本文献已被 维普 等数据库收录! |
|
