Volume 41 Issue 8
Aug.  2019
Yingjie YANG, Qiang LENG, Dexian CHANG, Ruixuan PAN, Hao HU. Research on Network Dynamic Threat Analysis Technology Based on Attribute Attack Graph[J]. Journal of Electronics & Information Technology, 2019, 41(8): 1838-1846. doi: 10.11999/JEIT181025

Research on Network Dynamic Threat Analysis Technology Based on Attribute Attack Graph

doi: 10.11999/JEIT181025
Funds:  The National High Technology Research and Development Program of China (2015AA016006), The National Key Research and Development Program of China (2016YFF0204003), The National Natural Science Foundation of China (61471344)
  • Received Date: 2018-11-07
  • Rev Recd Date: 2019-03-25
  • Available Online: 2019-04-22
  • Publish Date: 2019-08-01
  • First, a network Dynamic Threat Attribute Attack Graph (DT-AAG) analysis model is constructed using attribute attack graph theory. Building on a comprehensive description of system vulnerabilities and the threat transfer relationships induced by network services, a threat transfer probability measurement algorithm is designed by combining the Common Vulnerability Scoring System (CVSS) vulnerability evaluation criteria with the Bayesian probability transfer method. Second, based on the model, a Dynamic Threat Attribute Attack Graph generation Algorithm (DT-AAG-A) is designed using the relationships among threats, vulnerabilities and services. In addition, a loop digestion mechanism is designed to resolve the threat transfer loops that occur in the generated attribute attack graph. Finally, experiments verify the effectiveness of the proposed model and algorithm.
