一种基于攻击树的4G网络安全风险评估方法

doi:10.19678/j.issn.1000-3428.0057483

摘要/Abstract

摘要： 针对4G网络的安全风险评估问题，提出一种基于攻击树模型的评估方法，以分析网络的风险状况，评估系统的风险程度和安全等级。对4G网络的安全威胁进行分类，通过梳理攻击行为和分解攻击流程来构造攻击树模型，利用多属性理论赋予叶节点3个安全属性并通过等级评分进行量化，结合模糊层次分析法和模糊矩阵计算叶节点的风险概率，根据节点间的依赖关系得到根节点的风险概率，最终得到4G网络的安全风险等级。实验结果表明，该方法能够准确评估4G网络的风险因素，预测可能的攻击路径，为安全防护策略选择提供依据。

关键词: 4G网络, 安全威胁, 攻击树模型, 风险评估, 模糊层次分析法

Abstract: This paper proposes a security risk evaluation method for 4G network based on attack tree model,which can be used to analyze the risks faced by the network and evaluate the risk level and security level of the system.The security risks of 4G network are categorized,and the attack tree model is constructed by sorting out the attack behavior and decomposing the attack flow.Then,the multi-attribute theory is used to give three security attributes to the leaf nodes and quantify them by scoring the level.The risk probability of the leaf node is calculated by combining Fuzzy Analytical Hierarchy Process(FAHP) and the fuzzy matrix.The risk probability of the root node is obtained according to the dependency between nodes.Experimental results show that the proposed method can accurately evaluate the risk factors of 4G network,predict the possible attack paths,and assist in the selection of security protection strategies.

Key words: 4G network, security threats, attack tree model, risk assessment, Fuzzy Analytical Hierarchy Process(FAHP)

中图分类号:

TP309

王赛娥, 刘彩霞, 刘树新, 柏溢. 一种基于攻击树的4G网络安全风险评估方法[J]. 计算机工程, 2021, 47(3): 139-146,154.

WANG Saie, LIU Caixia, LIU Shuxin, BAI Yi. A Method of 4G Network Security Risk Assessment Based on Attack Tree[J]. Computer Engineering, 2021, 47(3): 139-146,154.

http://www.ecice06.com/CN/Y2021/V47/I3/139

图/表 13

20210322171440

20210322171443

20210322171446

20210322171449

20210322171452

20210322171456

20210322171459

20210322171502

20210322171505

20210322171509

20210322171512

20210322171515

20210322171518

参考文献

[1] BASIN D,DREIER J,HIRSCHI L,et al.A formal analysis of 5G authentication[C]//Proceedings of 2018 ACM SIGSAC Conference on Computer and Communications Security.New York,USA:ACM Press,2018:16-23.
[2] LIU Caixia,HU Xinxin,LIU Shuxin,et al.Security analysis of 5G network EAP-AKA' protocol based on lowe classification[J].Journal of Electronics and Information Technology,2019,41(8):1800-1807.(in Chinese)刘彩霞,胡鑫鑫,刘树新,等.基于Lowe分类法的5G网络EAP-AKA'协议安全性分析[J].电子与信息学报,2019,41(8):1800-1807.
[3] HUSSAIN S R,CHOWDHURY O,MEHNAZ S,et al.LTEInspector:a systematic approach for adversarial testing of 4G LTE[C]//Proceedings of 2018 Network and Dis-tributed System Security Symposium.Washington D.C.,USA:IEEE Press,2018:156-169.
[4] HOLM H,SOMMESTAD T,ALMROTH J,et al.A quantitative evaluation of vulnerability scanning[J].Information Management & Computer Security,2011,19(4):231-247.
[5] CHEN Qixiang.Information security risk assessment method for control system of wind power plant[J].Electronics World,2020(1):42-43,46.(in Chinese)陈其祥.一种风电厂控制系统信息安全风险评估方法[J].电子世界,2020(1):42-43,46.
[6] ZHANG Wanqiao,YANG Qing.LTE redirection:forcing targeted LTE cellphone into unsafe network[EB/OL].[2019-12-25].https://ruxcon.org.au/assets/2016/slides/LTE_Redirection_Ruxcon.pdf.
[7] MJØLSNES S F,OLIMID R F.Easy 4G/LTE IMSI catchers for non-programmers[M].Berlin,Germany:Springer,2017.
[8] HONG B,BAE S,KIM Y.GUTI reallocation demystified:cellular location tracking with changing temporary identifier[C]//Proceedings of 2018 Network and Distributed System Security Symposium.Washington D.C.,USA:IEEE Press,2018:25-36.
[9] RUPPRECHT D,KOHLS K,HOLZ T,et al.Breaking LTE on layer two[C]//Proceedings of 2019 IEEE Symposium on Security and Privacy.Washington D.C.,USA:IEEE Press,2019:123-156.
[10] KIM H,LEE J,LEE E,et al.Touching the untouchables:dynamic security analysis of the LTE control plane[C]//Proceedings of 2019 IEEE Symposium on Security and Privacy.Washington D.C.,USA:IEEE Press,2019:1153-1168.
[11] VESELY W E,GOLDBERG F F,ROBERTS N H,et al.Fault tree handbook[EB/OL].[2019-12-25].https://www.nrc.gov/docs/ML1007/ML100780465.pdf.
[12] SCHNEIER B.Attack trees[J].Doctor Dobbs Journal,1999,24(12):21-29.
[13] LIU Wenyan,HUO Shumin,TONG Qing,et al.Research on network security evaluation and analysis model[J].Chinese Journal of Network and Information Security,2018,4(4):1-11.(in Chinese)刘文彦,霍树民,仝青,等.网络安全评估与分析模型研究[J].网络与信息安全学报,2018,4(4):1-11.
[14] DU S G,ZHU H J.Security assessment via attack tree model[M]//DU Suguo,ZHU Haojin.Security assess-ment in vehicular networks.Berlin,Germany:Springer,2013:9-16.
[15] CHEN Yanhong,OU Yuyi,LING Jie.An improved trojan horse detection method based on extended attack tree model[J].Computer Applications and Software,2016,33(8):308-311.(in Chinese)陈燕红,欧毓毅,凌捷.一种改进的基于扩展攻击树模型的木马检测方法[J].计算机应用与软件,2016,33(8):308-311.
[16] HERNAN S,LAMBERT S,OSTWALD T,et al.Uncover security design flaws using the STRIDE approach(2006)[EB/OL].[2019-12-25].http://msdn.microsoft.com/en-gb/magazine/cc163519.
[17] FAN Hong.Understanding and implementation of national standards for information security risk assessment[M].Beijing:China Standard Press,2008.(in Chinese)范红.信息安全风险评估规范国家标准理解与实施[M].北京:中国标准出版社,2008.
[18] BULDAS A,LAUD P,PRⅡSALU J,et al.Rational choice of security measures via multi-parameter attack trees[M].Berlin,Germany:Springer,2006.
[19] MATEO J R S C.Multi-attribute utility theory[M].Berlin,Germany:Springer,2012.
[20] GAN Zaobin,WU Ping,LU Songfeng,et al.Risk assessment of information system security based on extended attack tree[J].Application Research of Computers,2007,24(11):153-156.(in Chinese)甘早斌,吴平,路松峰,等.基于扩展攻击树的信息系统安全风险评估[J].计算机应用研究,2007,24(11):153-156.
[21] HE Mingliang,CHEN Zemao,LONG Xiaodong.Improvement of attack tree model based on analytic hierarchy process[J].Application Research of Computers,2016,33(12):3755-3758.(in Chinese)何明亮,陈泽茂,龙小东.一种基于层次分析法的攻击树模型改进[J].计算机应用研究,2016,33(12):3755-3758.
[22] CHAN H K,WANG X J.Fuzzy hierarchical model for risk assessment[M].Berlin,Germany:Springer,2013.
[23] FU Y,WU X P,YE Q.Approach for information systems security situation evaluation using improved FAHP and Bayesian network[J].Journal on Communications,2009,30(9):135-140.
[24] TAYLAN O,BAFAIL A O,ABDULAAL R M S,et al.Construction projects selection and risk assessment by fuzzy AHP and fuzzy TOPSIS methodologies[J].Applied Soft Computing,2014,17:105-116.
[25] ZHANG Jijun.Fuzzy Analytic Hierarchy Process(FAHP)[J].Fuzzy Systems and Mathematics,2000,14(2):80-88.(in Chinese)张吉军.模糊层次分析法(FAHP)[J].模糊系统与数学,2000,14(2):80-88.
[26] TAO Yuhui.How to construct fuzzy consistent judgment matrix in fuzzy analytic hierarchy process[J].Journal of Sichuan Normal University(Natural Science),2002,23(3):282-285.(in Chinese)陶余会.如何构造模糊层次分析法中模糊一致判断矩阵[J].四川师范学院学报(自然科学版),2002,23(3):282-285.
[27] SONG Guangxing,YANG Deli.Consistency check and improvement method of fuzzy judgment matrix[J].Systems Engineering,2003,21(1):110-116.(in Chinese)宋光兴,杨德礼.模糊判断矩阵的一致性检验及一致性改进方法[J].系统工程,2003,21(1):110-116.
[28] GEER D,HOO K S,JAQUITH A.Information security:why the future belongs to the quants[J].IEEE Security & Privacy,2003,1(4):24-32.
[29] LÜ Zongping,QI Wei,GU Zhaojun.Attack tree model based on fuzzy analytic hierarchy proces[J].Computer Engineering and Design,2018,39(6):1501-1505,1515.(in Chinese)吕宗平,戚威,顾兆军.基于模糊层次分析法的攻击树模型[J].计算机工程与设计,2018,39(6):1501-1505,1515.

选择文件类型/文献管理软件名称

选择包含的内容