计算机工程 ›› 2011, Vol. 37 ›› Issue (22): 12-18.doi: 10.3969/j.issn.1000-3428.2011.22.004

• 专栏 • 上一篇    下一篇

基于层次扩展SPN的网络攻击模型

黄光球,张 斌,王纯子   

  1. (西安建筑科技大学管理学院,西安 710055)
  • 收稿日期:2011-05-13 出版日期:2011-11-18 发布日期:2011-11-20
  • 作者简介:黄光球(1964-),男,教授、博士,主研方向:网络安全;张 斌,工程师、硕士;王纯子,博士
  • 基金项目:

    陕西省科学技术研究发展计划基金资助项目(2011K06- 08);陕西省教育厅科技计划基金资助项目(09JK524, 11JK0772)

Network Attack Model Based on Hierarchical Expanded Stochastic Petri Net

HUANG Guang-qiu, ZHANG Bin, WANG Chun-zi   

  1. (School of Management, Xi’an University of Architecture and Technology, Xi’an 710055, China)
  • Received:2011-05-13 Online:2011-11-18 Published:2011-11-20

摘要:

当前网络攻击模型对于复杂系统的建模能力较差。为此,提出一种基于层次扩展随机Petri网的全网攻击模型。该模型对宏观网络攻击和微观主机攻击具有较好的综合描述能力,适用于网络协同式组合攻击行为的模拟,并能够有效解决网络状态空间爆炸问题。基于该模型,提出一种生成算法,通过对网络粗糙攻击路径的定义,给出挖掘主机结点间潜在的攻击关系算法。经过子网扩展后,利用蚁群算法找出k条最优攻击路径,通过对粗糙攻击路径和精确攻击路径的综合评价,给出网络危险性定量评估方法。

关键词: 网络攻击模型, 随机Petri网, 粗糙Petri网, 蚁群算法, 网络危险性评估, 攻击路径

Abstract:

Aiming at shortcomings that current network attack models can not be efficiently suitable for complicated network systems, a global network attack model based on the hierarchical expanded Stochastic Petri Net(SPN) is presented. The model can describe both macroscopic network attack and microcosmic host attack synthetically, and is very suitable for the cooperative attack simulation. It can solve efficiently the network states space explosion problem. Based on the model, the model generation algorithm is represented and potential attack relationships among hosts are dug for according to the definition of rough attack path. The Ant Colony Algorithm(ACA) is utilized to find k-critical vulnerable paths after expanding sub Petri net. By analyzing rough attack paths and accurate attack paths synthetically, a network risk evaluation method is proposed.

Key words: network attack model, Stochastic Petri Net(SPN), Rough Petri Net(RPN), Ant Colony Algorithm(ACA), network risk evaluation, attack path

中图分类号: