Depth-first attack graph generation method

A depth-first attack graph generation technology, applied in the field of network attack sequence identification. It addresses the problems of network state explosion, the growth of the attack graph's scale, and the resulting difficulty of attack graph analysis, and achieves the effect of reducing that scale.

Inactive Publication Date: 2008-07-16
HARBIN ENG UNIV

AI Technical Summary

Problems solved by technology

For example, suppose the target network has 100 hosts and each host carries a privilege escalation vulnerability. If the number of attack steps is not limited when generating the attack graph, then in the worst case the generated attack graph contains an attack path of length 100, which is obviously unrealistic.
2) Attack paths with a low probability of success
[0006] It can b


Embodiment Construction

[0029] The present invention is described in more detail below with reference to the accompanying drawings and an example:

[0030] In order to realize the purpose of the present invention, a series of definitions is given first:

[0031] Definition 1 (Attack Complexity). The attack complexity of a weakness is a measure of how easy it is for an attacker to successfully exploit that weakness.

[0032] The attack complexity of a vulnerability is affected by many factors, such as the attack tools available, the attack time, and the attacker's experience. Calculating the attack complexity of a weakness is essentially establishing a mapping from a high-dimensional attribute space to a low-dimensional one. Through investigation and statistics over a large number of security incidents, researchers found that there is a mapping relationship between the discovery and exploitation cycle of a vulnerability and the complexity of attacking it. This mapping relati...


Abstract

The invention provides a depth-first attack graph generation method. The steps are as follows: (1) all security factors of the current network are collected to form an initial network state; (2) a Prolog system is used to search all network states that an attacker may pass through before the target state is reached; (3) attack routes are constructed according to the dependency relations found among the searched network states; (4) the constructed attack routes are combined into a network attack graph. The advantages of the invention are that the depth-first generation algorithm reduces the scale of the attack graph and guarantees that no non-target leaf node exists in the attack graph.
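The following is an added, runnable illustration of the four steps above and of the step limit motivated under "Problems solved by technology"; it is not the patent's Prolog implementation, and the network facts, exploit rules and target are constructed for the example. A state is the set of facts the attacker holds, an exploit rule extends a state whose preconditions it satisfies, and the depth-first search records only paths that reach the target within the step bound. Merging those paths yields a graph with no non-target leaf; the unbounded reachable state space is counted alongside for comparison of scale.

```python
"""Depth-first attack-graph generation over attacker states (illustrative example)."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Set, Tuple

Fact = Tuple[str, ...]          # e.g. ("priv", "web", "user")
State = FrozenSet[Fact]         # the facts the attacker currently holds
Edge = Tuple[str, State]        # (exploit name, state reached)


@dataclass(frozen=True)
class Exploit:
    name: str
    pre: FrozenSet[Fact]        # facts that must hold before the exploit
    post: FrozenSet[Fact]       # facts the exploit adds


def f(*parts: str) -> Fact:
    return tuple(parts)


# Constructed network: attacker -> web -> db, plus an ftp host that leads nowhere useful.
INITIAL: State = frozenset({
    f("reach", "attacker", "web"), f("reach", "attacker", "ftp"), f("reach", "web", "db"),
    f("vuln", "web", "remote_exec"), f("vuln", "web", "local_privesc"),
    f("vuln", "db", "weak_auth"), f("vuln", "db", "local_privesc"),
    f("vuln", "ftp", "remote_exec"),
})
GOAL: Fact = f("priv", "db", "root")   # target state: root on the database host

# Constructed exploit rules (names are placeholders, not real vulnerability identifiers).
EXPLOITS: List[Exploit] = [
    Exploit("web_remote_exec",
            frozenset({f("reach", "attacker", "web"), f("vuln", "web", "remote_exec")}),
            frozenset({f("priv", "web", "user")})),
    Exploit("web_privesc",
            frozenset({f("priv", "web", "user"), f("vuln", "web", "local_privesc")}),
            frozenset({f("priv", "web", "root")})),
    Exploit("db_weak_auth",
            frozenset({f("priv", "web", "user"), f("reach", "web", "db"), f("vuln", "db", "weak_auth")}),
            frozenset({f("priv", "db", "user")})),
    Exploit("db_privesc",
            frozenset({f("priv", "db", "user"), f("vuln", "db", "local_privesc")}),
            frozenset({f("priv", "db", "root")})),
    Exploit("ftp_remote_exec",
            frozenset({f("reach", "attacker", "ftp"), f("vuln", "ftp", "remote_exec")}),
            frozenset({f("priv", "ftp", "user")})),
]


def applicable(state: State, exploits: List[Exploit]) -> List[Exploit]:
    """Exploits whose preconditions hold and that add at least one new fact.

    Because facts only accumulate, requiring new facts rules out cycles."""
    return [e for e in exploits if e.pre <= state and not e.post <= state]


def dfs_attack_paths(initial: State, goal: Fact, exploits: List[Exploit],
                     max_steps: int) -> List[Tuple[Edge, ...]]:
    """Depth-first search from the initial state; keeps only paths reaching the goal.

    max_steps is the step limit argued for in the background: branches that have
    not reached the target after that many exploits are abandoned, not recorded."""
    paths: List[Tuple[Edge, ...]] = []

    def visit(state: State, path: List[Edge]) -> None:
        if goal in state:
            paths.append(tuple(path))
            return
        if len(path) >= max_steps:
            return                      # bound reached: a non-target leaf, discarded
        for e in applicable(state, exploits):
            nxt = state | e.post
            visit(nxt, path + [(e.name, nxt)])

    visit(initial, [])
    return paths


def build_attack_graph(initial: State, paths: List[Tuple[Edge, ...]]) -> Dict[State, Set[Edge]]:
    """Merge successful paths into one graph: nodes are states, edges are exploits."""
    graph: Dict[State, Set[Edge]] = {initial: set()}
    for path in paths:
        cur = initial
        for name, nxt in path:
            graph.setdefault(cur, set()).add((name, nxt))
            graph.setdefault(nxt, set())
            cur = nxt
    return graph


def non_target_leaves(graph: Dict[State, Set[Edge]], goal: Fact) -> List[State]:
    """Nodes without outgoing edges that do not contain the goal; expected to be empty."""
    return [s for s, edges in graph.items() if not edges and goal not in s]


def all_reachable_states(initial: State, exploits: List[Exploit]) -> Set[State]:
    """Every state reachable with no target and no step bound, for scale comparison."""
    seen, stack = {initial}, [initial]
    while stack:
        s = stack.pop()
        for e in applicable(s, exploits):
            nxt = s | e.post
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return seen


def generate(max_steps: int) -> Tuple[List[Tuple[Edge, ...]], Dict[State, Set[Edge]]]:
    paths = dfs_attack_paths(INITIAL, GOAL, EXPLOITS, max_steps)
    return paths, build_attack_graph(INITIAL, paths)


if __name__ == "__main__":
    for bound in (3, 4):
        paths, graph = generate(bound)
        print(f"max_steps={bound}: {len(paths)} attack paths, {len(graph)} graph nodes, "
              f"non-target leaves={len(non_target_leaves(graph, GOAL))}")
        for p in paths:
            print("  " + " -> ".join(name for name, _ in p))
    print("unbounded reachable states:", len(all_reachable_states(INITIAL, EXPLOITS)))
```

With the bound set to 3 the only surviving route is web_remote_exec -> db_weak_auth -> db_privesc and the graph has 4 nodes; raising it to 4 admits the routes that interleave the optional web_privesc or ftp_remote_exec steps (6 routes, 11 nodes), while the unbounded state space of the same network has 14 states. In every case the ftp branch that never reaches the target is absent from the graph, which is the "no non-target leaf" property of the abstract.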

Description

(1) Technical field
[0001] The invention relates to a network security protection method, in particular to a technique for identifying network attack sequences.
(2) Background technology
[0002] At present, in the field of network vulnerability analysis, existing vulnerability scanners work well for scanning single or multiple hosts in the target network. However, these tools only check security vulnerabilities from an isolated perspective and lack correlation analysis between vulnerabilities. In reality, network attacks often need to exploit multiple vulnerabilities and cross the boundaries of multiple hosts. To analyse and evaluate network vulnerabilities more objectively, analysis tools are required that automatically build systematic attack scenarios from information such as vulnerabilities, network services, physical links, and access rights in the target network. In recent years, many research institutions have pr...


Application Information

IPC(8): H04L9/00, H04L29/06
Inventors: 杨武, 苘大鹏
Owner HARBIN ENG UNIV