Network intrusion intention analysis model based on Bayesian attack graph

Zhiyong LUO; Xu YANG; Jiahui LIU; Rui XU

doi:10.11959/j.issn.1000-436x.2020172

您当前的位置：

首页 >

文章列表页 >

Network intrusion intention analysis model based on Bayesian attack graph

Papers | 更新时间：2024-06-05

- Network intrusion intention analysis model based on Bayesian attack graph
- Journal on Communications Vol. 41, Issue 9, Pages: 160-169(2020)
- 作者机构：
  
  哈尔滨理工大学计算机科学与技术学院，黑龙江哈尔滨 150080
- 作者简介：
- 基金信息：
  
  The National Natural Science Foundation of China(61403109)
- DOI：10.11959/j.issn.1000-436x.2020172
  CLC： TP393.4
- Online First：2020-09，
  
  Published：25 September 2020
- 稿件说明：
移动端阅览
Zhiyong LUO, Xu YANG, Jiahui LIU, et al. Network intrusion intention analysis model based on Bayesian attack graph[J]. Journal on Communications, 2020, 41(9): 160-169.
DOI：

Zhiyong LUO, Xu YANG, Jiahui LIU, et al. Network intrusion intention analysis model based on Bayesian attack graph[J]. Journal on Communications, 2020, 41(9): 160-169. DOI： 10.11959/j.issn.1000-436x.2020172.

摘要

针对目前网络风险评估模型中忽略攻击代价和入侵意图对网络安全产生影响的问题，为了准确评估目标网络风险，提出一种基于贝叶斯攻击图的网络入侵意图分析方法。利用由漏洞价值、攻击成本和攻击收益计算出的原子攻击概率，结合贝叶斯信念网络量化攻击图，建立静态风险评估模型，并利用入侵意图动态更新模型，实现对网络风险的动态评估，为攻击面动态防御措施提供了依据。实验表明，所提模型不但可以有效地评估网络整体的安全性，而且在预测攻击路径方面也具有可行性。

Abstract

Aiming at the problem of ignoring the impact of attack cost and intrusion intention on network security in the current network risk assessment model

in order to accurately assess the target network risk

a method of network intrusion intention analysis based on Bayesian attack graph was proposed.Based on the atomic attack probability calculated by vulnerability value

attack cost and attack benefit

the static risk assessment model was established in combination with the quantitative attack graph of Bayesian belief network

and the dynamic update model of intrusion intention was used to realize the dynamic assessment of network risk

which provided the basis for the dynamic defense measures of attack surface.Experiments show that the model is not only effective in evaluating the overall security of the network

but also feasible in predicting attack paths.

关键词

Keywords

references

罗智勇 , 杨旭 , 孙广路 , 等 . 基于马尔可夫的有限自动机入侵容忍系统模型 [J ] . 通信学报 , 2019 , 40 ( 10 ): 79 - 89 .

LUO Z Y , YANG X , SUN G L , et al . Finite automaton intrusion tolerance system model based on Markov [J ] . Journal on Communications , 2019 , 40 ( 10 ): 79 - 89 .

王帆 . 基于贝叶斯攻击图的网络安全风险评估方法研究 [D ] . 西安:西北大学 , 2018 .

WANG F . Research on network security risk assessment method based on Bayesian attack graph [D ] . Xi’an:Northwest University , 2018 .

PHILLIPS C , SWILER L P . A graph-based system for networ-k vulnerability analysis [C ] // 1998 Workshop on New Security Paradigms . New York:ACM Press , 1998 : 71 - 79 .

叶子维 , 郭渊博 , 王宸东 , 等 . 攻击图技术应用研究综述 [J ] . 通信学报 , 2017 , 38 ( 11 ): 121 - 132 .

YE Z W , GUO Y B , WANG C D , et al . Survey on application of attack graph technology [J ] . Journal on Communications , 2017 , 38 ( 11 ): 121 - 132 .

吴晨思 , 谢卫强 , 姬逸潇 , 等 . 网络系统安全度量综述 [J ] . 通信学报 , 2019 , 40 ( 6 ): 14 - 31 .

WU C S , XIE W Q , JI Y X , et al . Survey on network sy-stem security metrics [J ] . Journal on Communications , 2019 , 40 ( 6 ): 14 - 31 .

王硕 , 汤光明 , 王建华 , 等 . 基于因果知识网络的攻击场景构建方法 [J ] . 计算机研究与发展 , 2018 , 55 ( 12 ): 2620 - 2636 .

WANG S , TANG G M , WANG J H , et al . Attack scenarioconstruction method based on causal knowledge net [J ] . Journal of Computer Research and Development , 2018 , 55 ( 12 ): 2620 - 2636 .

胡浩 , 刘玉岭 , 张红旗 , 等 . 基于吸收Markov链的网络入侵路径预测方法 [J ] . 计算机研究与发展 , 2018 , 55 ( 4 ): 831 - 845 .

HU H , LIU Y L , ZHANG H Q , et al . Route prediction method for network intrusion using absorbing Markov chain [J ] . Journal of Computer Research and Development , 2018 , 55 ( 4 ): 831 - 845 .

雷程 , 马多贺 , 张红旗 , 等 . 基于变点检测的网络移动目标防御效能评估方法 [J ] . 通信学报 , 2017 , 38 ( 1 ): 126 - 140 .

LEI C , MA D H , ZHANG H Q , et al . Performance assessment approach based on change-point detection for network moving target defense [J ] . Journal on Communications , 2017 , 38 ( 1 ): 126 - 140 .

HU H , ZHANG H , YANG Y , et al . Security risk situation quantification method based on threat prediction for multimedia communication network [J ] . Multimedia Tools and Applications , 2018 , 77 ( 11 ): 1 - 31 .

王辉 , 鹿士凯 , 王银城 . 基于关联攻击图的入侵预测算法 [J ] . 计算机工程 , 2018 , 44 ( 7 ): 131 - 138 .

WANG H , LU S K , WANG Y C . Intrusion prediction algorithm based on correlation attack graph [J ] . Computer Engineering , 2018 , 44 ( 7 ): 131 - 138 .

秦虎 , 王建利 , 彭逍遥 . 基于权限提升矩阵的攻击图生成方法 [J ] . 北京理工大学学报 , 2019 , 39 ( 1 ): 101 - 105 .

QIN H , WANG J L , PENG X Y . Attack graph generation method based on privilege escalation matrix [J ] . Transactions of Beijing Institute of Technology , 2019 , 39 ( 1 ): 101 - 105 .

李艳 , 王纯子 , 黄光球 , 等 . 网络安全态势感知分析框架与实现方法比较 [J ] . 电子学报 , 2019 , 47 ( 4 ): 927 - 945 .

LI Y , WANG C Z , HUANG G Q , et al . A survey of architecture and implementation method on cyber security situation awareness analysis [J ] . Acta Electronica Sinica , 2019 , 47 ( 4 ): 927 - 945 .

JUKKA R . A look at the time delays in CVSS vulnerability scoring [J ] . Applied Computing and Informatics , 2019 , 15 ( 2 ): 1 - 18 .

马春光 , 汪诚弘 , 张东红 , 等 . 一种基于攻击意愿分析的网络风险动态评估模型 [J ] . 计算机研究与发展 , 2015 , 52 ( 9 ): 2056 - 2068 .

MA C G , WANG C H , ZHANG D H , et al . A dynamic network risk assessment model based on attacker’s inclination [J ] . Journal of Computer Research and Development , 2015 , 52 ( 9 ): 2056 - 2068 .

高妮 , 高岭 , 贺毅岳 , 等 . 基于贝叶斯攻击图的动态安全风险评估模型 [J ] . 四川大学学报(工程科学版) , 2016 , 48 ( 1 ): 111 - 118 .

GAO N , GAO L , HE Y Y , et al . Dynamic security risk assessment model based on bayesian attack graph [J ] . Journal of Sichuan University (Engineering Science Edition) , 2016 , 48 ( 1 ): 111 - 118 .

周余阳 , 程光 , 郭春生 . 基于贝叶斯攻击图的网络攻击面风险评估方法 [J ] . 网络与信息安全学报 , 2018 , 4 ( 6 ): 11 - 22 .

ZHOU Y Y , CHENG G , GUO C S . Risk assessment method for network attack surface based on Bayesian attack graph [J ] . Chinese Journal of Network and Information Security , 2018 , 4 ( 6 ): 11 - 22 .

Views

1796

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Study of SDN intrusion intent identification algorithm based on Bayesian attack graph

Approach to making strategies for network security enhancement based on attack graphs

Method to generate attack graphs for assessing the overall security of networks

Multi-type honeypot deployment scheme based on Stackelberg game and DQN

Survey of research on Tor-based anonymous networking technologies

Related Author

Yu ZHANG

Qing WANG

Weiwei SONG

SI Jia-quan1

ZHANG Bing2

MAN Da-peng1

YANG Wu1

ZHOU Yuan2

Related Institution

Information Security Research Center, Harbin Engineering University

National Computer Network Emergency Response Technical Team/Coordination Center of China

School of Computer Science and Engineering, Xi’an University of Technology

School of Cyberspace Security, Zhengzhou University

Institute of Information Technology, Information Engineering University

AI问答

⁰