Abstract:

According to the possibility that an attacker can be detected during a network attack, an attack graph is transferred into a Petri Net, which is then expanded into an Expanded Petri Net(EPN). Attack costs of places are used to solve the optimum attach path and the total attack cost of an network attack; the concept of maximum flow is used defined the maximum burdening ability, and the concept of attack feasibility is put forward from the angle of two-dimensional analysis of network attack. The attack graph-based expanded Petri net attack net is represented, the ergodicity of the model’s related algorithms is assured by the EPN inference rules. When there are many arcs in an original attack graph, the complexity of the algorithm is lower than that of the Dijkstra algorithm. More is the paths among attack launching points and attack goals in an attack graph, more is efficient the algorithms. Results of a testing case show that the model can make a comprehensive analysis to network attack.

Key words: attack model, attack graph, Petri net, attack path, attack cost

摘要：

鉴于网络攻击过程中存在攻击者被检测到的可能性，将攻击图转化成Petri网并进行扩展生成EPN模型，依据库所的攻击成本值求解网络攻击的最佳攻击路径和攻击成本，基于最大流概念定义系统最大承受攻击能力。从二维角度分析网络攻击，提出攻击可行性概念及基于攻击图的扩充Petri网攻击模型，该模型相关算法的遍历性由EPN推理规则保证。当原攻击图的弧较多时，算法的复杂度低于Dijkstra算法，攻击图的攻击发起点和攻击目标点间的路径越多，算法越有效。实验结果证明，该模型可以对网络攻击过程进行高效的综合分析。

关键词: 攻击模型, 攻击图, Petri网, 攻击路径, 攻击成本

CLC Number: 

• TP393.08