Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network attack path prediction method based on attacker characteristic indexes

An attack path and network attack technology, applied in the field of network security, can solve problems such as practical limitations, inability to predict attack behavior, and inability to analyze network vulnerabilities, and achieve the effect of ensuring security.

Active Publication Date: 2021-05-14
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF10 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

From the attacker's point of view, after exploiting the first vulnerability, when facing the same vulnerability to be used again, the attacker must combine experience (knowledge of the vulnerability and attack proficiency, etc.) and ability (tools and techniques mastered) etc.), the possibility of the vulnerability being successfully exploited will increase, so the state probability of the node will be affected by nodes other than its parent node, but the Bayesian network cannot accurately describe this Happening
In addition, there are some studies that capture the attacker's attack data to analyze the characteristics of the attacker, but these methods cannot predict the attack behavior before the attack occurs, nor can they quickly detect the network topology after the network topology changes. Analyze the vulnerability in the network, so the practicability has certain limitations

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack path prediction method based on attacker characteristic indexes
  • Network attack path prediction method based on attacker characteristic indexes
  • Network attack path prediction method based on attacker characteristic indexes

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] In order to enable those skilled in the art to better understand the solutions of the present application, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application.

[0058] Based on the attack graph model, the present invention proposes a path quantification index with characteristics such as the attacker's behavior intention as the main research object, and uses the quantization index to predict the attack path in the attack graph. Since the real network environment and attack process of the attacker's attack are fully considered, the present invention can more accurately predict the attack path that the attacker may take. The main implementation steps of the present invention are as follows: firstly, scan the host computer in the network system and its services and loopholes, and use MulVAL to automatically generate the attack grap...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a network attack path prediction method based on an attacker characteristic index, and the method comprises the steps: firstly, providing a quantitative index of a network attack path from the perspective of an attacker in combination with an attack graph and a hidden Markov model, wherein the attack cost, the attack income and the attack profit reflect different optimal attack path selections of attackers with different intentions; secondly, an attack path in the attack graph being quantified and analyzed based on a quantitative index, and a network attack and defense scene being described more effectively; and finally, respectively adding the attack cost, the attack income and the attack profit of all vulnerabilities on each attack path to obtain the total attack cost, the total attack profit and the total attack profit of the whole attack path, and comparing the index values of the attack paths to obtain the attack cost, the total attack profit and the total attack profit of the whole attack path. Therefore, one or more attack paths which may be attacked by an attacker with relatively high risk can be found more accurately, a network administrator can be helped to know the network security condition more comprehensively, and the security of a network system can be ensured more efficiently.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a network attack path prediction method based on an attacker's characteristic index. Background technique [0002] A computer network contains many assets, such as hardware, software, databases, etc., and there are usually some loopholes or vulnerabilities in these assets. Vulnerabilities of network systems include software and hardware vulnerabilities, protocol defects, and configuration errors. Attackers can take advantage of these vulnerabilities to attack, causing key information leakage, system failure, etc., and causing damage to the security of the network system. Although these loopholes can be repaired, with continuous development, the scale of the network system is getting bigger and bigger, and there are more and more loopholes in it, and the cost of maintaining the network system is often limited, so administrators must monitor the network and T...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1433
Inventor 胡昌振王可惟单纯郭守坤宮英慧
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com