摘要： 现有的攻击图技术忽略了脆弱点之间的关联性，且大规模网络攻击图过于复杂。为解决上述问题，提出一种基于脆弱点利用(VE)关联的攻击图优化方法。对生成的攻击图进行预处理后，利用VE之间的关联性消除大规模网络攻击图中的冗余，并通过横向关联和纵向关联简化攻击图。仿真实验结果表明，该方法可以较好地优化攻击图的表达方式，为进行网络安全评估打下良好基础。

关键词: 网络安全, 脆弱点利用, 攻击图, 横向关联, 纵向关联, 安全评估

Abstract: Traditional attack graphs usually neglect the vulnerability correlation in network, and large-scale attack graphs are too complex. To solve the problems above, an optimization method for attack graph based on Vulnerability Exploit(VE) correlation is proposed. It eliminates the redundancy of attack graph by using the correlation between VE, and optimizes attack graph by transversal and vertical correlation, after pretreatment of the attack graph are generated. Experimental results show that the method can optimize the expression of attack graph better, and lay a good foundation for network security evaluation.

Key words: network security, Vulnerability Exploit(VE), attack graph, transversal correlation, vertical correlation, security evaluation

中图分类号: 

• TP309.2