Attack path prediction method based on causal knowledge net |
| |
| Authors: | Shuo WANG Guang-ming TANG Guang KOU Hai-tao SONG |
| |
| Affiliation: | 1. PLA Information Engineering University,Zhengzhou 450001,China;2. Science and Technology on Information Assurance Laboratory,Beijing 100072,China |
| |
| Abstract: | The existing attack path prediction methods can not accurately reflect the variation of the following attack path caused by the capability of the attacker.Accordingly an attack path prediction method based on causal knowledge net was presented.The proposed method detected the current attack actions by mapping the alarm sets to the causal knowledge net.By analyzing the attack actions,the capability grade of the attacker was inferred,according to which adjust the probability knowledge distribution dynamically.With the improved Dijkstra algorithm,the most possible attack path was computed.The experiments results indicate that the proposed method is suitable for a real network confrontation environment.Besides,the method can enhance the accuracy of attack path prediction. |
| |
| Keywords: | attack path prediction causal knowledge net attacker capability probability knowledge distribution Dijkstra algorithm |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
|
