Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network attack stage statistics and prediction method based on Markov chain

A Markov chain and network attack technology, applied in the field of network security, can solve problems such as large prediction deviation, large statistical deviation, and incomplete attack statistics, and achieve the effect of wide adaptability and improved accuracy

Active Publication Date: 2021-05-07
NO 15 INST OF CHINA ELECTRONICS TECH GRP
View PDF9 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Aiming at the problems of incomplete attack statistical data and large statistical deviation based on the incomplete data existing in the existing network attack statistical methods, the present invention discloses a network attack stage statistics and prediction method based on Markov chain, which is based on The state transition matrix in the Markov chain counts the detected network attack events, and makes appropriate corrections to the statistical results according to the characteristics of the transition matrix, and then uses the Markov chain to predict the attack stage that may occur later based on the transition matrix
Therefore, this method can effectively avoid the problem of large prediction deviation caused by incomplete statistics of the attack stage in the attack chain

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack stage statistics and prediction method based on Markov chain
  • Network attack stage statistics and prediction method based on Markov chain
  • Network attack stage statistics and prediction method based on Markov chain

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] In order to better understand the contents of the present invention, an example is given here.

[0044] The invention discloses a Markov chain-based network attack phase statistics and prediction method, figure 1 A network attack kill chain, attack method, and attack event performance diagram; figure 2 is an example of the Markov chain state transition matrix of the present invention; image 3 Set up the flowchart of Markov chain state transition matrix for the present invention; Figure 4 It is a flowchart of the modified Markov chain state transition matrix data of the present invention; Figure 5 It is a flow chart of predicting the attack stage in the network attack kill chain by Markov chain in the present invention. The concrete steps of the inventive method comprise:

[0045] S1. Establish a state transition matrix based on the Markov chain, establish a state space according to the attack process of the network attack kill chain, conduct probability statisti...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network attack stage statistics and prediction method based on a Markov chain, and the method specifically comprises the steps: building a state transition matrix based on the Markov chain, building a state space according to the attack process of a network attack killing chain, and carrying out the probability statistics of the attack state transition of each attack method in the attack process; establishing a Markov chain state transition matrix; correcting the state transition matrix based on the Markov chain, and correcting missing or wrong state data caused by incomplete statistical data in the state transition matrix based on the Markov chain; and predicting an attack stage in the network attack killer chain by using a Markov chain model. According to the method, a network attack chain and a Markov chain which are widely used are combined, so that network attack event statistics is more suitable for being applied to prediction, and the accuracy of an attack prediction model is improved.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a method for using a Markov chain in a network killing chain to carry out statistics and prediction on a network attack stage. Background technique [0002] Usually, a network attack is composed of multiple attack stages, in which the success of the previous stage can trigger the next stage; and the failure of one stage means the failure of the entire attack. If the network attack detection is comprehensive and accurate, we can see that each attack method is connected from one stage to another, and the entire attack stage is similar to a chain. However, due to the long span of network attack events and many attack points (springboards, zombies, reflectors, etc.), it is extremely difficult to completely detect all stages of network attacks, resulting in the inability to fully grasp the entire network attack process. Accurately count the attack methods that oc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F21/55G06N7/00
CPCH04L63/1416G06F21/554G06N7/01
Inventor 任传伦郭世泽官弼根吴栋夏建民俞赛赛刘晓影乌吉斯古愣孟祥頔
Owner NO 15 INST OF CHINA ELECTRONICS TECH GRP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com