融合社交网络威胁的攻击图生成方法

doi:10.19678/j.issn.1000-3428.0060128

摘要/Abstract

摘要： 针对现有攻击图生成和分析方法多数未考虑社交网络威胁的问题，提出一种基于知识图谱融合社交网络威胁的攻击图生成方法。根据攻击图的构建需求和收集的内网环境数据，设计融合社交网络威胁的网络安全本体模型和知识图谱，以实现对社交网络和物理网络数据的关联分析以及对攻击图输入信息的扩展，基于知识图谱采用广度优先搜索算法生成融合社交网络威胁的攻击图，并给出内部社交网络威胁的攻击成功率计算方法。基于真实网络拓扑和脆弱性信息的实验结果表明，与现有攻击图的相关方法相比，该方法可有效发现网络中潜在的借助社交网络入侵的攻击路径。

关键词: 网络安全, 知识图谱, 社交网络威胁, 属性攻击图, 本体模型

Abstract: The existing methods for attack graph generation and analysis do not consider the threats of social network. This paper proposes a method to generate an attack graph integrating social network threats based on a knowledge graph. According to attack graph construction requirements and the collected intranet data,a network security ontology model and knowledge graph that integrate social network threats are designed.The model and the knowledge graph enable the analysis of the association between social network data and physical network data,as well as the extension of the input information of the attack graph.Then based on the knowledge graph,a breadth-first search algorithm is used to generate an attack graph that integrates social network threats,and a method for calculating the attack success rate of internal social network threats is given.Experiments are carried out based on the real-world network topology and real-world vulnerability information.The results show that compared with the existing attack graph-related techniques,this method can effectively discover the paths of potential attacks based on social network.

Key words: network security, knowledge graph, social network threats, attribute attack graph, ontology model

中图分类号:

TP309

杨艳丽, 宋礼鹏. 融合社交网络威胁的攻击图生成方法[J]. 计算机工程, 2021, 47(5): 104-116.

YANG Yanli, SONG Lipeng. Attack Graph Generation Method Integrating Social Network Threats[J]. Computer Engineering, 2021, 47(5): 104-116.

http://www.ecice06.com/CN/Y2021/V47/I5/104

参考文献

[1] PHILLIPS C,SWILER L P.A graph-based system for network-vulnerability analysis[C]//Proceedings of IEEE Workshop on New Security Paradigms.Washington D.C.,USA:IEEE Press,1998:71-79.
[2] LIU Weixin,ZHENG Kangfeng,WU Bin,et al.Alert processing based on attack graph and multi-source analyzing[J].Journal on Communications,2015,36(9):135-144.(in Chinese)刘威歆,郑康锋,武斌,等.基于攻击图的多源告警关联分析方法[J].通信学报,2015,36(9):135-144.
[3] MUÑOZ-GONZÁLEZ L,SGANDURRA D,BARRÈRE M,et al.Exact inference techniques for the analysis of Bayesian attack graphs[EB/OL].[2020-10-20].https://arxiv.org/abs/1510.02427.
[4] WANG Hui,ZHAO Ya,ZHANG Juan,et al.Research on attack path prediction based on PANAG model[J]. Computer Engineering,2020,46(9):154-162.(in Chinese)王辉,赵雅,张娟,等.基于PANAG模型的攻击路径预测研究[J].计算机工程,2020,46(9):154-162.
[5] ALGARNI A,XU Y,CHAN T.Social engineering in social networking sites:the art of impersonation[C]//Proceedings of IEEE International Conference on Services Computing.Washington D.C.,USA:IEEE Press,2014:587-696.
[6] FIRE M,GOLDSCHMIDT R,ELOVICI Y.Online social networks:threats and solutions survey[EB/OL].[2020-10-20].https://arxiv.org/abs/1303.3764.
[7] Chinese Information Society of China.2018 knowledge graph development report[EB/OL].[2020-10-20].http://www.199it.com/archives/577392.html.(in Chinese)中国中文信息学会.2018知识图谱发展报告[EB/OL].[2020-10-20].http://www.199it.com/archives/577392.html.
[8] YE Ziwei,GUO Yuanbo,WANG Chendong,et al.Summary of application research on attack graph technology[J].Journal on Communications,2017,38(11):121-132.(in Chinese)叶子维,郭渊博,王宸东,等.攻击图技术应用研究综述[J].通信学报,2017,38(11):121-132.
[9] KOTENKO I V,STEPASHKIN M.Attack graph based evaluation of network security[C]//Proceedings of International Conference on Communications & Multimedia Security.Berlin,Germany:Springer,2006:132-146.
[10] WU Shuyu,LI Bo.Attack graph generation algorithm based on attack mode breadth search[J].Journal of Chongqing Technology and Business University (Natural Science Edition),2012,29(12):44-48.(in Chinese)吴淑语,李波.基于攻击模式的广度搜索攻击图生成算法[J].重庆工商大学学报(自然科学版),2012,29(12):44-48.
[11] QIN Hu,WANG Jianli,PENG Xiaoyao.Attack graph generation method based on privilege escalation matrix[J].Journal of Beijing Institute of Technology,2019,39(1):101-105.(in Chinese)秦虎,王建利,彭逍遥.基于权限提升矩阵的攻击图生成方法[J].北京理工大学学报,2019,39(1):101-105.
[12] ZHANG Xueqin,ZHANG Li,GU Chunhua.Quantitative assessment of social engineering threat in social network[J].Journal of Zhejiang University (Engineering Science),2019,53(5):837-842.(in Chinese)张雪芹,张立,顾春华.社交网络中社会工程学威胁定量评估[J].浙江大学学报(工学版),2019,53(5):837-842.
[13] ZHENG Kangfeng,WU Tong,WANG Xiuhuan,et al.A session and dialogue based social engineering framework[J].IEEE Access,2019,7:67781-67794.
[14] BECKERS K,KRAUTSEVICH L,YAUTSIUKHIN A.Analysis of social engineering threats with attack graphs[C]//Proceedings of Annual European Research Event in Computer Security,Data Privacy Management International Workshop.Wroclaw,Poland:[s.n.],2014:216-232.
[15] IANNACONE M,BOHN S,NAKAMURA G,et al.Developing an ontology for cyber security knowledge graphs[C]//Proceedings of Cyber & Information Security Research Conference.New York,USA:ACM Press,2015:1-4.
[16] JIA Yan,QI Yulu,Shang Huaijun,et al.A practical approach to constructing a knowledge graph for cybersecurity[J].Engineering,2018,4(1):53-60.
[17] XU Guangquan,CAO Yan,REN Yuanyuan,et al.Network security situation awareness based on semantic ontology and user-defined rules for Internet of things[J].IEEE Access,2017,8:169676-169687.
[18] YE Ziwei,GUO Yuanbo,LI Tao,et al.An extended attack graph generation method based on knowledge graph[J].Computer Science,2019,46(12):165-173.(in Chinese)叶子维,郭渊博,李涛,等.一种基于知识图谱的扩展攻击图生成方法[J].计算机科学,2019,46(12):165-173.
[19] FINKEL J R,GRENAGER T,MANNING C.Incorporating non-local information into information extraction systems by Gibbs sampling[C]//Proceedings of the 43rd Annual Meeting of the Association for Computational Linguistics.Stroudsburg,USA:Association for Computational Linguistics,2005:363-370.
[20] REHMAN M S,MUSTAFA P K.Software design level vulnerability classification model[J].Computer Science Journals,2012,6(4):238-255.
[21] QIN Ya,SHEN Guowei,ZHAO Wenbo,et al.A network security entity recognition method based on feature template and CNN-BiLSTM-CRF[J].Frontiers of Information Technology & Electronic Engineering,2019,20(6):872-884.
[22] GUAN Saiping,JIN Xiaolong,JIA Yantao,et al.Knowledge reasoning over knowledge graph:a survey[J].Journal of Software,2018,29(10):2966-2994.(in Chinese)官赛萍,靳小龙,贾岩涛,等.面向知识图谱的知识推理研究进展[J].软件学报,2018,29(10):2966-2994.
[23] WANG Huiping.The design and implementation of the enterprise's internal instant messaging system[D].Hohhot:Inner Mongolia University,2019.(in Chinese)王慧平.企业内部即时通信系统的设计与实现[D].呼和浩特:内蒙古大学,2019.
[24] ZOU Yuchun,ZHOU Xiaochun.Survey of current Chinese social trust[N].Beijing Daily,2016-06-13(3).(in Chinese)邹宇春,周晓春.当前中国社会信任度调查[N].北京日报,2016-06-13(3).

选择文件类型/文献管理软件名称

选择包含的内容