Network security analytical method for solving K maximum probability attack graph

Abstract

The invention disclose a network security analytical method for solving a K maximum probability attack graph. The method specially includes: step (1) typing in system information and inputting the value of a parameter K; step (2) initializing a system; step (3) counting nodes which can be attacked by an attacker currently; step (4) judging whether a loophole table is empty, entering the step (5) if the loophole table is empty, taking out head-of-line nodes of an available loophole table otherwise for loophole using, judging whether the number of existing attack paths of the nodes is smaller than K, updating loophole using information and the position of the attacker and entering the step (3) for executing if the number of existing attack paths of the nodes is smaller than K, and entering the beginning position of the step (4) for continuing executing otherwise; and step (5) generating front K paths with the maximum probability of all attack nodes and finishing operation. By storing and accumulating the front K attack paths with the maximum probability at the nodes, the problem of the front K attack paths with the maximum probability at the attack nodes is solved.

Description

technical field [0001] The invention relates to a network security analysis method, in particular to a network security analysis method for solving a K maximum probability attack graph. Background technique [0002] Network security is one of the key concerns of companies providing network services. Hacking incidents are on the rise. Service interruption or data leakage caused by hacking attacks has brought immeasurable losses to both enterprises and individual users. At present, stand-alone security scanning technology and network security scanning technology are relatively mature, which can find security vulnerabilities on a given computer and provide vulnerability repair patches. However, these security scanning tools lack the security correlation between various vulnerabilities in the system. The current attack method of hackers has developed from a single-step attack using a single system vulnerability to a multi-step cascading attack that gradually uses multiple system...

AI Technical Summary

Problems solved by technology

This method can be used to calculate the multi-step cascade attack existing in the network, but there are certain problems in this method: 1. The attack graph constructed by this method contains all the multi-step cascade attack paths existing in the network. When the number of network nodes such as hosts, servers, and routers is large, the generated attack graph contains a large number of attack paths. On the one hand, the attack graph becomes complicated and difficult to understand; 2. The attack graph generated by this method does not consider the difficulty of attacking each vulnerability. This method can give the attack steps of attacking each network node, but cannot directly calculate the success probability value of attacking each node

[0004] In the prior art, people such as Li Kai published "Network Security Evaluation Algorithm Based on Access Level Vectors" ("The Ninth Youth Computer Scientists" on "Proceedings of the 9th International Conference for Young Computer Scientists" 2008, 1538-1544 pages) Scientific Conference Proceedings, Network Security Assessment Algorithm Based on Access Level Vec

Images