Unlock instant, AI-driven research and patent intelligence for your innovation.

A Network Deception Efficiency Evaluation Method Based on Dynamic Bayesian Attack Graph

A dynamic Bayesian and effectiveness evaluation technology, applied in the field of cyberspace security, can solve problems such as lack of, deception defense effectiveness evaluation method, single defense level, etc., to achieve the effect of ensuring usability

Active Publication Date: 2022-03-25
SOUTHEAST UNIV
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, most of the existing research at home and abroad is only a qualitative evaluation of the defense methods proposed by themselves, and is limited to a single defense layer (such as network layer, system layer, application layer, etc.), lacking a unified and systematic evaluation of the effectiveness of deception defense. method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Network Deception Efficiency Evaluation Method Based on Dynamic Bayesian Attack Graph
  • A Network Deception Efficiency Evaluation Method Based on Dynamic Bayesian Attack Graph
  • A Network Deception Efficiency Evaluation Method Based on Dynamic Bayesian Attack Graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The present invention will be further described below with reference to the embodiments and accompanying drawings.

[0030] Step 1: Before evaluating network spoofing, we first need to model the attack graph of the target network.

[0031] Use the general vulnerability scoring system CVSS to perform threat analysis on the vulnerabilities existing in the network;

[0032] For example, according to the calculation formula of the probability of successful exploitation of the vulnerability, the probability of successful exploitation of the vulnerability number CVE-2009-0180 is: P s = 0.5, where the exploit method AV is Network, the access complexity AC is Low, and no attacker authentication is required, that is, AU is None.

[0033] After determining the network topology, node connectivity and other elements, traverse the complete node state and attack path to realize the construction of the Bayesian attack graph.

[0034] Step 2: Verify the consistency of the nodes invol...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network deception defense effectiveness evaluation method based on a dynamic Bayesian attack graph, which belongs to the field of network space security. This method analyzes the vulnerability factors in the current network, infers the attacker's ability, and constructs a dynamic Bayesian attack graph model; in view of the defense characteristics of network deception and forgery of real assets, the real node and the decoy node are comprehensively compared in terms of network characteristics, device fingerprints and Consistency in many aspects such as file attributes is used to analyze the concealment of deception schemes and judge whether the defense strategy can achieve the expected effect; and update the attack graph model according to the analysis results and attack-defense confrontation information, and give quantitative indicators to evaluate deception defense effectiveness. The method of the invention can be integrated on a server serving as a control center without modifying other nodes in the network, and has good applicability.

Description

technical field [0001] The invention belongs to the field of cyberspace security, and in particular relates to a network deception effectiveness evaluation method based on a dynamic Bayesian attack graph. Background technique [0002] Cyberspace deception is a defense mechanism evolved from honeypots. It does not focus on the characteristics of attack behavior but on the attacker itself. By interfering with the attacker's cognition, it prompts the attacker to take actions that are beneficial to the defender. Since attackers generally need to rely on the information obtained by network detection to determine the next attack behavior, the cyberspace deception defense technology can forge a fake data or a fake environment for the attacker to protect important assets inside the network, and record and analyze them. Attack activity to get more information about the attacker. Cyberspace deception defense technology does not try to build a system without loopholes, nor does it del...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40G06N7/00
CPCH04L63/1433H04L63/1416H04L63/1491H04L63/1483G06N7/01
Inventor 吴桦顾煜程光周余阳
Owner SOUTHEAST UNIV