Network spoofing performance evaluation method based on dynamic Bayesian attack graph

A dynamic Bayesian and effectiveness evaluation technology, applied in the field of cyberspace security, can solve problems such as lack of, deception defense effectiveness evaluation method, single defense level, etc., to achieve the effect of ensuring usability

Active Publication Date: 2020-07-03
SOUTHEAST UNIV
View PDF7 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, most of the existing research at home and abroad is only a qualitative evaluation of the defense methods proposed by themselves, and is limited to a single defense layer (such as network layer, system layer, application layer, etc.), lacking a unified and systematic evaluation of the effectiveness of deception defense. method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network spoofing performance evaluation method based on dynamic Bayesian attack graph
  • Network spoofing performance evaluation method based on dynamic Bayesian attack graph
  • Network spoofing performance evaluation method based on dynamic Bayesian attack graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The present invention will be further described below in conjunction with the implementation examples and the accompanying drawings.

[0030] Step 1: Before evaluating network deception, attack graph modeling of the target network is first performed.

[0031] Use the Common Vulnerability Scoring System CVSS to conduct threat analysis on the vulnerabilities existing in the network;

[0032] For example, according to the formula for calculating the probability of successful exploitation of a vulnerability, the probability of successful exploitation of the vulnerability numbered CVE-2009-0180 is: P s =0.5, wherein, the vulnerability exploiting method AV is Network, the access complexity AC is Low, no authentication of the attacker is required, that is, AU is None.

[0033] After determining the network topology, node connectivity and other elements, traverse the complete node state and attack path to realize the construction of Bayesian attack graph.

[0034] Step 2: Ver...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network spoofing defense efficiency evaluation method based on a dynamic Bayesian attack graph, and belongs to the field of network space security. The method comprises the following steps: speculating attacker ability by analyzing vulnerability elements in a current network, and constructing a dynamic Bayesian attack graph model; aiming at the defense characteristics ofnetwork spoofing and counterfeiting real assets, the consistency of real nodes and bait nodes in the aspects of network characteristics, equipment fingerprints, file attributes and the like is comprehensively compared, so that a spoofing scheme is subjected to concealment analysis, and whether a defense strategy can achieve an expected effect or not is judged; and updating the attack graph model according to the analysis result and the attack and defense confrontation information, and giving a quantitative index to evaluate the effectiveness of deception defense. The method can be integrated on a server serving as a control center, other nodes in the network do not need to be modified, and the method has good applicability.

Description

technical field [0001] The invention belongs to the field of network space security, and in particular relates to a network deception effectiveness evaluation method based on a dynamic Bayesian attack graph. Background technique [0002] Cyberspace deception is a defense mechanism evolved from honeypots. It does not focus on the characteristics of the attack behavior but the attacker itself. By interfering with the attacker's cognition, the attacker is prompted to take actions that are beneficial to the defender. Since attackers generally need to rely on the information obtained from network detection to determine the next attack behavior, cyberspace deception defense technology can forge a piece of false data or a false environment for the attacker to protect important assets inside the network, and record and analyze its Attack activity to get more information about the attacker. Cyberspace deception defense technology does not try to build a system without loopholes, nor...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06N7/00
CPCH04L63/1433H04L63/1416H04L63/1491H04L63/1483G06N7/01
Inventor 吴桦顾煜程光周余阳
Owner SOUTHEAST UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap