Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Optimal attack path planning method based on Q learning

An attack path, the best technology, applied in the field of information security, can solve problems such as state explosion, high algorithm overhead, and inability to quickly fit the best attack path.

Inactive Publication Date: 2017-11-03
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF0 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The problems of the attack path or protection path generation method based on the above two attack graphs are: ①The generation speed is slow; ②In order to solve the problem of state explosion, the method of limiting the attack path leads to incomplete attack paths and other problems.
However, due to the high algorithm overhead of this method, when faced with a large-scale computer cluster, even if the minimum attack graph is used, the optimal attack path cannot be quickly fitted.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Optimal attack path planning method based on Q learning
  • Optimal attack path planning method based on Q learning
  • Optimal attack path planning method based on Q learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] According to the above technical solutions, the present invention will be described in detail below in conjunction with the accompanying drawings and implementation examples.

[0038] Use the Q-learning-based optimal attack path planning method proposed by the present invention to find the optimal attack path in the network system, and its operation process is as follows figure 1 As shown, the specific operation steps are as follows:

[0039] Step 1: Obtain the network structure.

[0040] Such as figure 2 As shown, the initial defense strategy is set in the network system: external network personnel can access the host H in the DMZ area 2 , H 3 and H 4 browser and DNS domain name. Host H 2 and H 3 Can access H 4 The mail service in and the H 5 and H 6 SQL service on. Host H 7 For the FTP server, except the host H 8 In addition, other hosts can only read and download public files, but cannot modify files. Host H 2 , H 3 and H 4 Access to the management ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an optimal attack path planning method based on Q learning and belongs to the technical field of information security. The method comprises the following specific operating steps of step 1, obtaining a network structure; step 2, obtaining vulnerabilities in various hosts in the network system; step 3, establishing a Q learning model; and step 4, obtaining an optimal attack path through the Q learning model. Compared with the prior art, the optimal attack path planning method based on Q learning provided by the invention has the following advantages that (1) the network model is trained without collecting training data; (2) online learning can be carried out and the optimal attack paths corresponding to different moments and different network states can be determined in real time; (3) the learning rate utilizes an annealing model, so that the convergence is more accurate; (4) the optimal attack path generation speed is fast; and (5) generation of an attack graph is not needed, so that the method can be suitable for a large-scale computer cluster.

Description

technical field [0001] The invention relates to a Q-learning-based optimal attack path planning method, belonging to the technical field of information security. Background technique [0002] When infiltrating information system networks, attackers hope to choose an attack path with low cost and high return. Among them, the attack path with the largest attack return and attack cost is the best attack path. The method is mainly based on the attack graph to obtain all the attack paths between the source node and the target node, and then select one of these paths as the best attack path. [0003] At present, the more commonly used network attack graphs are: vulnerability-based network attack graph and network state-based attack graph. The problems of the attack path or protection path generation methods based on the above two attack graphs are: ① slow generation speed; ② in order to solve the problem of state explosion, the way of limiting the attack path is adopted, which le...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/751H04L29/06H04L45/02
CPCH04L45/02H04L63/1441
Inventor 胡昌振陈韵吕坤
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com