本文關鍵詞： -day 防御決策 防御方案 混合路徑攻擊圖(MPAG) 多目標優(yōu)化　出處：《浙江大學學報(工學版)》2017年09期 　論文類型：期刊論文

【摘要】：通過分析已知漏洞的共性,給出漏洞及其利用規(guī)則的形式描述.構造混合路徑攻擊圖(MPAG)模型,擴展攻擊圖的描述語義.將0-day漏洞利用產生的隱式攻擊路徑和已知漏洞產生的顯式攻擊路徑描述在同一攻擊圖中,并計算0-day漏洞利用率的風險.基于混合路徑攻擊圖和多目標優(yōu)化理論,給出防御方案生成方法及均衡生成成本和風險的防御方案.實驗結果表明:混合路徑攻擊圖能描述隱式攻擊路徑,同時可能引入同一場景下傳統(tǒng)攻擊圖中沒被利用過的已知漏洞;基于混合路徑攻擊圖生成的防御方案具有更好的路徑覆蓋率,能夠幫助安全管理員找出防御措施庫存在的遺漏.
[Abstract]:By analyzing the commonness of the known vulnerabilities, the formal description of the vulnerabilities and their utilization rules is given, and the MPAG model of the mixed path attack graph is constructed. Extend the description semantics of attack graph. The implicit attack path generated by 0-day vulnerability and the explicit attack path generated by known vulnerability are described in the same attack graph. Based on the mixed path attack graph and multi-objective optimization theory, the risk of 0-day vulnerability utilization is calculated. The method of generating defense scheme and the defense scheme with balanced generation cost and risk are given. The experimental results show that the hybrid path attack graph can describe the implicit attack path. At the same time, it is possible to introduce known vulnerabilities that have not been exploited in the traditional attack graph in the same scenario. The defense scheme based on the hybrid path attack graph has better path coverage, which can help security administrators to find out the missing stocks of defense measures.
【作者單位】： 北京航空航天大學計算機學院網絡技術北京市重點實驗室;
【基金】：國家自然科學基金資助項目(U1636208)
【分類號】：TP393.08
，

本文編號：1513789