Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network attack target identification method and network attack target identification system based on attack graph

A network attack and target recognition technology, which is applied in the attack graph-based network attack target recognition method and system field, can solve the problems of low probability of attack intention realization and difficulty in accurately reflecting behavior intention, and achieve simple and convenient operation and low computational complexity Effect

Active Publication Date: 2018-08-17
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
View PDF3 Cites 46 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In fact, because the attacker is not familiar with the network structure, the attacker often chooses the most likely attack target as the intrusion intention, and there may be repeated state transition behaviors in the actual attack scenario, resulting in a directed and cyclic attack graph, leading to ideal The realization probability of the attack intention in the scene is often smaller than the actual value, and it is difficult to accurately reflect the behavior intention of the attacker in the real world. How to ensure the accuracy and effectiveness of the intention evaluation, propose a reliable network attack target identification method, and objectively evaluate different attack intentions The probability of success, identifying the most likely attack target, and sorting the threat level of the target has become an urgent technical problem to be solved.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack target identification method and network attack target identification system based on attack graph
  • Network attack target identification method and network attack target identification system based on attack graph
  • Network attack target identification method and network attack target identification system based on attack graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] In order to make the purpose, technical solution and advantages of the present invention more clear and understandable, the present invention will be further described in detail below in conjunction with the accompanying drawings and technical solutions. The technical term involved in the embodiment is as follows:

[0043] In the practical application of network security, because the attacker is not familiar with the network structure, the attacker often chooses the most likely attack target as the intrusion intention, and there may be repeated state transition behaviors in the actual attack scenario, resulting in a directed and circular attack graph , resulting in the realization probability of the attack intention in the ideal scenario is often smaller than the actual value, it is difficult to accurately reflect the behavior intention of the attacker in the real world, and the accuracy and effectiveness of the intention assessment cannot be ensured. In view of this, a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of network security, and particularly relates to a network attack target identification method and a network attack target identification system based on an attack graph, wherein the method comprises the following steps: modeling for a state migration process of an attacker in a network, acquiring a network attack graph model and all possible attack paths, and generating a network attack graph; mapping the network attack graph to a Markov chain, and constructing a state transition probability matrix which absorbs the Markov chain; and in combinationwith the state transition probability matrix, acquiring an expectancy for success probability matrix of attack intention of the attacker; through the expectancy for success probability matrix, finding out a state node corresponding to the maximum probability value, and completing attack target identification. With the method and the system provided by the invention, an average probability value of realizing different intentions of the attacker can be evaluated more objectively and accurately, a problem that the conventional method is limited by ideal cumulative probability when evaluating probability of occurrence of attacks is solved, computation complexity is low, operations are simple and convention to execute, and more reliable guidance is provided for assisting a security administrator to make a decision and improving network security performance.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a network attack target identification method and system based on an attack graph. Background technique [0002] As an important part of network security situation awareness, attack target identification can judge the real purpose of the intruder and predict the follow-up behavior of the intruder, which is the premise and basis for threat analysis and decision-making response, and has become the focus of network security administrators. The alarm data is fused and correlated, the probability of the attack intention is calculated, the network security situation information is quantified, and the probability of the attack intention can be reduced through further protective measures or intrusion response, so that the network state can be migrated to a safe direction. However, as the scale of the network continues to increase and the network structure is complex ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24
CPCH04L41/145H04L41/147H04L63/20
Inventor 张红旗胡浩张玉臣杨超金辉汪永伟王义功潘瑞萱
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products