Attack-oriented network security situation prediction method, device and system

A network security situation prediction method, applied in the field of network security, that addresses problems such as weak prediction of sudden events, a lack of dynamic correlation and a lack of quantitative prediction of intrusion success time, with the effect of optimizing storage scale and timeliness and achieving high prediction efficiency.

Active Publication Date: 2018-09-04
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU

AI Technical Summary

Problems solved by technology

The current mainstream network security situation prediction methods are generally divided into the following three types: 1) Methods based on time-space sequence analysis. These assume that changes in the security situation value are regular and periodic, and predict the network security trend by analysing the security situation value. They do not analyse changes in the network security situation elements or the interaction between dynamic security situation elements, so the model is fixed and sudden events are predicted poorly.
2) Methods based on game theory. In an offensive and defensive confrontation environment, these use game theory to dynamically select the optimal strategy for the attacker and the defender, and comprehensively analyse changes in attacker, defender and network environment information. The selection of elements is relatively comprehensive, and the application of game theory in the military field is relatively mature. In a network environment, however, events are highly sudden and there are too many unpredictable factors, so it is difficult to establish a game theory model for network attack and defense; this method can also only give short-term forecasts of security trends, not long-term forecasts of the network situation.
However, this method only considers the information of the attacker and the network environment, and the attack graph it establishes is a static attack graph, ignoring the impact of the defender's strategy choice on the future security situation of the network.
In summary, the existing methods have some problems that urgently need to be solved: 1) A lack of dynamic correlation between the defender, the attacker, the environmental information and other situational elements.
Existing methods all predict the state of the network for a coming period of time, that is, the next stage, which is ambiguous in time and lacks a quantitative prediction of when an attack will succeed in intruding.



Embodiment Construction

[0054] In order to make the objectives, technical solutions and advantages of the present invention clearer and more comprehensible, the present invention will be further described in detail below in conjunction with the accompanying drawings and technical solutions. The technical terms involved in the embodiment are as follows:

[0055] Current network security situation prediction mainly uses attack threats and network vulnerabilities as prediction elements. Because the prediction elements are so limited, they cannot meet managers' need to grasp the overall security of the network. Existing approaches lack dynamic correlation between the offensive and defensive parties and the network environment elements, modeling is very difficult, the models are immature, the prediction time period is relatively vague, and there is no quantitative prediction of the time of a successful attack. In view of this, the embodiment of the present invention provides an attack-orient...


Abstract

The invention belongs to the technical field of network security and particularly relates to an attack-oriented network security situation prediction method, device and system. The method comprises the following steps: detecting and collecting alarm data and network environment operation and maintenance information in a network countermeasure environment, and obtaining the element set required for network security situation prediction, wherein the element set comprises three types of information: attacker, defender and network environment; evaluating the attacker's capability and the defender's level, establishing a dynamic Bayesian attack graph, and calculating the attack phase number and the attack state occurrence probability vector; and combining a vulnerability scoring standard with network asset information to quantify the network security situation value in the time and space dimensions. The method achieves dynamic association of situation elements such as the defender, the attacker and the environment information, conforms better to the actual network environment, can accurately predict the future situation and the attack occurrence time, achieves higher prediction efficiency, and optimizes the storage scale and timeliness of network security situation awareness, so as to provide more effective guidance for network protection.

Description

Technical field

[0001] The invention belongs to the technical field of network security, and particularly relates to an attack-oriented network security situation prediction method, device and system.

Background technique

[0002] With the continuous expansion of network scale, the combination of traditional industries and the Internet has become more and more extensive, and people's lives have become highly dependent on the Internet. The current network security environment is not optimistic. Network attacks are becoming more frequent, and the threats and losses they cause are increasing. Therefore, understanding and predicting the security status and development trend of the network in a complex and changeable network environment will help managers grasp the network security status in time and prevent possible future threats in advance, reducing the harm attacks cause to the network. Network security situation prediction is an important part of security situation awa...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/24, H04L12/26
CPC: H04L9/0656, H04L41/142, H04L41/147, H04L43/045, H04L63/0245, H04L63/1416, H04L63/1433, H04L63/20
Inventor: 张玉臣, 胡浩, 邱辉, 张红旗, 汪永伟, 范钰丹, 何淼, 汪涛
Owner: PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU