【摘要】：攻擊圖模型是網(wǎng)絡(luò)風(fēng)險(xiǎn)評(píng)估的主要技術(shù)之一,其通過攻擊步驟之間的因果關(guān)系來描述攻擊者從初始狀態(tài)到目標(biāo)狀態(tài)的攻擊過程,分析的整個(gè)過程也是以某種形式化方式表述的圖數(shù)據(jù)為基礎(chǔ)的,但分析時(shí)很少考慮網(wǎng)絡(luò)鏈路、網(wǎng)絡(luò)擁塞、入侵報(bào)警等不確定性。結(jié)合不確定圖的概念將攻擊圖擴(kuò)展為可能攻擊圖(PAG),給出了可能攻擊圖的構(gòu)建方法,同時(shí)基于可達(dá)概率提出了最大可達(dá)概率求解算法和最大攻擊子圖生成及最大可能攻擊路徑選取算法。實(shí)驗(yàn)結(jié)果表明,本文所提方法能夠在可接受的時(shí)間內(nèi)生成可能攻擊圖,并能夠有效地推測(cè)出攻擊意圖,為作為網(wǎng)絡(luò)管理員的管理方提供決策依據(jù)。
[Abstract]:Attack graph model is one of the main techniques of network risk assessment. It describes the attack process from initial state to target state by causality between attack steps. The whole process of analysis is also based on graph data expressed in some formal way, but the uncertainty such as network link, network congestion, intrusion alarm and so on is rarely considered in the analysis. Combined with the concept of uncertain graph, the attack graph is extended to possible attack graph (PAG), and the construction method of possible attack graph is given. at the same time, based on the reachability probability, the maximum reachability probability solution algorithm, the maximum attack subgraph generation and the maximum possible attack path selection algorithm are proposed. The experimental results show that the proposed method can generate the possible attack graph within an acceptable time, and can effectively infer the attack intention, which provides the decision basis for the management of the network administrator.
【作者單位】： 西安建筑科技大學(xué)管理學(xué)院;
【基金】：陜西省科學(xué)技術(shù)研究發(fā)展計(jì)劃(2013K1117) 陜西省重點(diǎn)學(xué)科建設(shè)專項(xiàng)資金(E08001) 陜西省教育廳科技計(jì)劃(12JK0789)
【分類號(hào)】：TP393.08
，

本文編號(hào)：2500295