Attack path analysis method based on hierarchical attack graph

An attack path and analysis method technology, applied in the field of attack path analysis based on a hierarchical attack graph, can solve problems such as poor real-time performance, and achieve the effects of reducing scale, improving real-time performance, and reducing time and space consumption

Active Publication Date: 2019-08-16
山西佳瑞通科技有限公司
View PDF8 Cites 31 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0014] The purpose of the present invention is to overcome the problem of poor real-time performance of attack path analysis in the prior art when the network scale is large, and to provide an attack path analysis method based on hierarchical attack graphs

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack path analysis method based on hierarchical attack graph
  • Attack path analysis method based on hierarchical attack graph
  • Attack path analysis method based on hierarchical attack graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0082] The present invention will be described in detail below in conjunction with the accompanying drawings and embodiments.

[0083] like Figures 1 to 7 As shown, an attack path analysis method based on hierarchical attack graph includes the following steps:

[0084] The network topology diagram of this embodiment is as follows figure 2As shown, the network has three main areas, which are external server area, internal server area, and user area. The external server area includes a web server and a SQL data server, which are used to provide external web browsing and information storage services, and are located in the 192.168.1.0 / 24 network segment; the internal server includes an smtp mail server, an ftp file server, and an SQL data server , providing internal mail communication, file transmission and information storage services, located in the 192.168.2.0 / 24 network segment. The user area is in the 192.168.3.0 / 24 network segment, including 20 hosts. The attacker is ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the technical field of network security, and discloses an attack path analysis method based on a hierarchical attack graph. Firstly, dividing an original network into a plurality of logic subnets through a community discovery algorithm, wherein the logic subnets and connection relations thereof form a network logic structure; generating two layers of attack graphs based onthe network logic structure and the network basic information; and finally, reducing an attack path on the two layers of attack graphs by utilizing monotonicity of attack behaviors. The method comprises the following specific steps: (1) realizing community discovery; (2) establishing a hierarchical attack graph model; (3) generating an attack path; (4) analyzing the attack path to provide a defense strategy. According to the attack path analysis method, unreasonable attack path generation is avoided from the perspective of attackers, the real-time performance of attack path analysis is effectively improved, and the problem that an existing attack path analysis method is poor in real-time performance when the network scale is large and the vulnerability is high is solved.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to an attack path analysis method based on a hierarchical attack graph. Background technique [0002] With the rapid development of the Internet and its applications, various network attack technologies emerge in an endless stream, network security problems are becoming increasingly serious, and traditional network security defense technologies are no longer sufficient to deal with them. Implementing active defense by analyzing the overall security status of the network system has become a research hotspot in the field of network security. Among them, the attack path analysis can discover the weak links of the network system and further provide security strategies for the network system, which has attracted extensive attention of researchers. [0003] Attack path analysis is an analysis method that can provide effective defense strategies for network systems. In network s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24G06F21/55
CPCG06F21/55H04L41/145H04L63/1441H04L63/20
Inventor 宋礼鹏朱宇辉石琼贾彦丰
Owner 山西佳瑞通科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap