Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for generating attack graphs based on status transition network attack model

A network attack and state transfer technology, applied in data exchange networks, digital transmission systems, electrical components, etc., can solve problems such as state explosion, attack graph differences, and increase the scale of attack graphs to improve accuracy, high accuracy, Intuitive effect

Inactive Publication Date: 2017-02-15
HENAN POLYTECHNIC UNIV
View PDF2 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Ritchey et al. proposed a model detector method that can automatically generate attack graphs. Although this method can automatically generate attack graphs, it can easily lead to state explosion problems and is not suitable for large-scale applications because the model contains all states. scale network
[0006] DapengMan's global attack graph generation algorithm based on breadth-first search reduces the scale of the attack graph by setting a threshold. Although this method can reduce the scale of the attack graph, due to the limitations of breadth-first search, this method generates The attack graph is not suitable for large-scale networks
[0007] The research of senior experts has made considerable achievements in related fields, but in the attack graph modeling process, the selected constraints are different and the emphasis on quantitative indicators is different, resulting in different attack graphs.
At the same time, the inevitable existence of redundant paths in the attack graph not only increases the scale of the attack graph but also affects the objectivity and accuracy of reflecting the real network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for generating attack graphs based on status transition network attack model
  • Method for generating attack graphs based on status transition network attack model
  • Method for generating attack graphs based on status transition network attack model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0050] In order to make the purpose, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0051] figure 1 It is a network attack model (NST model) based on state transition. The NST model can be represented by a two-tuple, that is, NST=(NS, AR). Among them, NS is the set of network states that make up the model, and AR is the set of attack behavior rules.

[0052] The network state set NS is represented by the following triplet: NS=(Hd, Nl, Crol).

[0053] Hd is the host in the network, namely Hd=(hostid, os, sers, v). hostid is the unique identifier for distinguishing hosts in the network, which can be expressed by IP address; os is the version information of the operating system running on the host; sers indicates the open service of the host, which can be expressed by port number; v indicates the list of weaknesses on th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method for generating attack graphs based on a status transition network attack model. According to the method, a queue structure is used to save status nodes that can be added to an attack graph, and then one of the status nodes is taken from the queue. Starting from the taken status node, other status nodes related to the taken status node are searched for. If the vulnerability of one other status node can be reached by attacking, and the depth and cost of vulnerability attacking are within acceptable limits, the other status node is joined in both of the queue and the attack graph, in such a way, the status nodes in the queue are looped out in sequence, the loop ends till the queue becomes empty, and the attack graph is generated. During estimation of the attacking cost, the correlation between the attack complexity value Acx and the risk value of being found Dsk is considered, which improves the generating accuracy of the attacking graph. In addition, by means of simulation experiments, the attack graph generated by the embodiment of the invention is more concise than that generated before the improvement disclosed in the invention.

Description

technical field [0001] The invention relates to network attack technology, in particular to an attack graph generation method based on a state transition network attack model. Background technique [0002] The factors affecting the security of the network are multi-faceted and multi-angled. The weaknesses and vulnerabilities in the network are one of the important factors affecting its security. The attacker's attack on the weakness in the network is actually based on the weakness information in the network and the target information, and uses some means to launch an attack to obtain important information or enhance the operation authority. At the same time, the attacker's ability, experience and dominating environment determine his attack success probability. Therefore, an attack targeting a vulnerability is usually a complex multi-step process. A complete attack process generally includes a series of individual attack behaviors, which occur in different network parts but ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L29/06
Inventor 王辉陈甫旺刘琨贺军义汪志英
Owner HENAN POLYTECHNIC UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products