【摘要】：攻擊圖模型是網(wǎng)絡(luò)風(fēng)險評估的主要技術(shù)之一,其通過攻擊步驟之間的因果關(guān)系來描述攻擊者從初始狀態(tài)到目標狀態(tài)的攻擊過程,分析的整個過程也是以某種形式化方式表述的圖數(shù)據(jù)為基礎(chǔ)的,但分析時很少考慮網(wǎng)絡(luò)鏈路、網(wǎng)絡(luò)擁塞、入侵報警等不確定性。結(jié)合不確定圖的概念將攻擊圖擴展為可能攻擊圖(PAG),給出了可能攻擊圖的構(gòu)建方法,同時基于可達概率提出了最大可達概率求解算法和最大攻擊子圖生成及最大可能攻擊路徑選取算法。實驗結(jié)果表明,本文所提方法能夠在可接受的時間內(nèi)生成可能攻擊圖,并能夠有效地推測出攻擊意圖,為作為網(wǎng)絡(luò)管理員的管理方提供決策依據(jù)。
[Abstract]:Attack graph model is one of the main techniques of network risk assessment. It describes the attack process from initial state to target state by causality between attack steps. The whole process of analysis is also based on graph data expressed in some formal way, but the uncertainty such as network link, network congestion, intrusion alarm and so on is rarely considered in the analysis. Combined with the concept of uncertain graph, the attack graph is extended to possible attack graph (PAG), and the construction method of possible attack graph is given. at the same time, based on the reachability probability, the maximum reachability probability solution algorithm, the maximum attack subgraph generation and the maximum possible attack path selection algorithm are proposed. The experimental results show that the proposed method can generate the possible attack graph within an acceptable time, and can effectively infer the attack intention, which provides the decision basis for the management of the network administrator.
【作者單位】： 西安建筑科技大學(xué)管理學(xué)院;
【基金】：陜西省科學(xué)技術(shù)研究發(fā)展計劃(2013K1117) 陜西省重點學(xué)科建設(shè)專項資金(E08001) 陜西省教育廳科技計劃(12JK0789)
【分類號】：TP393.08
，

本文編號：2500295