计算机工程

• 安全技术 • 上一篇    下一篇

一种基于ATI的网络攻击路径预测方法

王辉1,2,王腾飞1,刘淑芬2   

  1. (1.河南理工大学 计算机科学与技术学院,河南 焦作 454000;2.吉林大学 计算机科学与技术学院,长春 130012)
  • 收稿日期:2015-09-14 出版日期:2016-09-15 发布日期:2016-09-15
  • 作者简介:王辉(1975-),男,副教授,主研方向为网络安全、无线传感器网络;王腾飞,硕士研究生;刘淑芬,教授、博士生导师。
  • 基金项目:
    国家自然科学基金资助项目(61300216);教育部博士点基金资助项目(20124116120004);河南省教育厅科学技术研究重点基金资助项目(13A510325)。

A Network Attack Path Prediction Method Based on ATI

WANG Hui  1,2,WANG Tengfei  1,LIU Shufen   2   

  1. (1.College of Computer Science and Technology,Henan Polytechnic University,Jiaozuo,Henan 454000,China; 2.College of Computer Science and Technology,Jilin University,Changchun 130012,China)
  • Received:2015-09-14 Online:2016-09-15 Published:2016-09-15

摘要: 传统基于贝叶斯网络攻击图的攻击路径预测方法容易产生冗余路径,节点置信度计算不够精确。为此,提出一种新的九元组攻击图模型。定义资源脆弱性指数和攻击行为风险的概念,结合攻击威胁性指数分析(ATI)方法,给出基于威胁性指数分析的攻击路径生成方法,通过将操作成本的概念引入到似然加权抽样法中,使节点置信度的计算更加精确,并尽可能避免冗余路径的产生。分析结果表明,该方法能有效减免冗余路径的产生,提高节点置信度计算结果的精度。

关键词: 攻击图, 攻击路径, 脆弱性评估, 攻击威胁, 似然加权抽样

Abstract: The traditional attack path prediction method based on Bayesian network attack graph is easy to produce redundant paths,and node confidence degree calculation is not precise enough.In order to solve these problems,this paper presents a new nine tuples attack graph model,and defines the resource vulnerability index and aggressive behavior risk.Combined with Attack Threat Index(ATI) analysis method,the attack path generation method based on threat index analysis is proposed.The concept of operating cost is introduced into the likelihood weighted sampling method to make node confidence degree calculation more precise and avoid redundant path generation.Analysis results show that the proposed method can effectively reduce the redundant path and improves the accuracy node confidence degree calculation.

Key words: attack graph, attack path, vulnerability assessment, attack threat, likelihood weighted sampling

中图分类号: