Network attacker behavior analyzing method based on attack graph

A behavior analysis and network attack technology, applied in electrical components, transmission systems, etc., can solve problems such as inability to respond to attacks in a timely manner, errors, and the inability of the system to detect attacks, so as to improve network security defense capabilities, prevent network crimes, and improve defense. The effect of efficiency

Active Publication Date: 2017-03-22
HANGZHOU SUNYARD DIGITAL SCI
View PDF7 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, since the rule database and intrusion analysis module of the intrusion detection system need to change continuously with the emergence of new attack technologies, and the system cannot detect attacks that are not in the rule base, the intrusion detection system will fail to respond to the attack in time and respond to errors. The phenomenon

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attacker behavior analyzing method based on attack graph
  • Network attacker behavior analyzing method based on attack graph
  • Network attacker behavior analyzing method based on attack graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The present invention will be further explained below in conjunction with the embodiments and the accompanying drawings. The following examples are only used to illustrate the present invention, but are not intended to limit the scope of the present invention.

[0031] A network attacker behavior analysis method based on attack graph, such as figure 1 shown, including the following steps:

[0032] 1) Build a network attack behavior analysis model to attract attackers' attacks. The network attack behavior analysis model is the honeypot deployment network structure diagram as shown in figure 2 As shown, it is composed of SSH Gateway, Host and Collector, which are divided into three network segments to form a master-slave architecture; the SSH Gateway and host series machines are in the honeypot network segment, and the host series The machine and the controller are in the management network segment, and the SSH gateway and the controller are in the Internet network se...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network attacker behavior analyzing method based on an attack graph. The method comprises the steps of establishing a network attacker behavior analyzing model and attracting attacks of attackers; carrying out comprehensive capturing on attack data through a data capturing mechanism; and generating an attack state transfer graph through combination of a finite-state machine and analyzing behaviors of the attackers according to possibility indexes of attack behaviors, skill level indexes of the attackers and destination indexes of the attackers. According to the network attacker behavior analyzing method based on the attack graph provided by the invention, the good foundation can be laid for design of an active defense system, the network attacks can be defended, the attacks can be prevented before the network attacks occur, one part of the attacks are screened, a cybercrime can be effectively prevented, the defense efficiency is improved, and the defense cost is reduced.

Description

technical field [0001] The invention relates to the field of active attack defense systems, in particular to an attack graph-based network attacker behavior analysis method. Background technique [0002] With the rapid development of computer networks, there are more and more ways of network attacks. Traditional network intrusion prevention technologies, such as firewalls and intrusion detection systems, have been difficult to deal with the endless attacks. In particular, most of these practical technologies are passive defense types, and cannot defend against the latest attacks in a timely manner. Although firewalls can prevent network attacks and improve network security to a certain extent, with the development of network attack technologies and the continuous emergence of tools, the weaknesses of firewalls will be exposed slowly, and attackers will easily Breaking through this layer of protection, another fatal flaw is the inability to protect against virus attacks. I...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 汪继锋颜炎程宏峰
Owner HANGZHOU SUNYARD DIGITAL SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap