基于攻击图的网络安全度量研究综述

doi:10.11959/j.issn.2096-109x.2018072

Abstract

Abstract:

One of the main challenges of network security metrics is how to accurately identify the intrusion of the intruders exploiting the dependence between the vulnerabilities for threat propagation in the target network system as well as to quantify the potential impact on the network system.Because of its superior performance of visual display,the attack graph becomes one of the effective ways to solve the problem.Firstly,the concept,development and general metric models of security metrics were introduced.Secondly,the related researches with respect to attack graph construction,classification and application were discussed.Thirdly,a hierarchical framework for security metric using attack graph was proposed,and then existing methods of network security metric were summarized from three levels (key “point”,attack “line” and situation “plane”).Finally,the difficult issues and development trends for the current research were discussed.

Key words: network security metric, attack graph, security vulnerability, alert analysis, quantitative assessment

CLC Number:

TP393.8

Hao HU, Yuling LIU, Yuchen ZHANG, Hongqi ZHANG. Survey of attack graph based network security metric[J]. Chinese Journal of Network and Information Security, 2018, 4(9): 1-16.

Figures/Tables 10

References 65

[1]	江健, 诸葛建伟, 段海新 ,等. 僵尸网络机理与防御技术[J]. 软件学报, 2012,23(1): 82-96.
	JIAN J J , ZHUGE J W , DUAN H X ,et al. Research on Botnet mechanisms and defenses[J]. Journal of Software, 2012,23(1): 82-96.
[2]	ROBERTS F S . Measurement theory with applications to decisionmaking,utility,and the social sciences[M]. Addison- Wesley Advanced Book Program, 1979.
[3]	SADEMIES A , . Process approach to information security metrics in Finnish industry and state institutions[C]// Intrinsic Multiscale Structure and Dynamics in Complex Electronic Oxides. 2004.
[4]	陈长松 . 信息安全测量与态势分析关键技术研究[D]. 上海:上海交通大学, 2012.
	CHEN C S . Research on key technologies of information security measurement and situation analysis[D]. Shanghai:Shanghai Jiaotong University, 2012.
[5]	OU X , BOYER W F , MCQUEEN M A . A scalable approach to attack graph generation[C]// ACM Conference on Computer and Communications Security (CCS 2006). 2006: 336-345.
[6]	SHEYNER O , WING J . Tools for generating and analyzing attack graphs[J]. Lecture Notes in Computer Science, 2003,3188: 344-372.
[7]	OU X , GOVINDAVAJHALA S , APPEL A W . MulVAL:a logic-based network security analyzer[J]. Usenix Security Symposium, 2005:8.
[8]	JAJODIA S , NOEL S . Topological vulnerability analysis:apowerful new approach for network attack prevention,detection,and response[J]. Algorithms,Architectures And Information Systems Security, 2005: 285-305.
[9]	BEALE J , DERAISON R , MEER H ,et al. Nessus network auditing[M]. Elsevier, 2004.
[10]	HUSTON B . Skybox view 3.0[J]. Information Security, 2006:
[11]	SHEYNER , MIKHAIL O . Scenario graphs and attack graphs[J]. Dissertation Abstracts International, 2004: 65-03.
[12]	DANFORTH M , . Scalable patch management using evolutionary analysis of attack graphs[C]// Seventh International Conference on Machine Learning and Applications. 2008: 300-307.
[13]	DACIER M , DESWARTE Y . Privilege graph:an extension to the typed access matrix model[C]// Computer Security - ESORICS 94,Third European Symposium on Research in Computer Security. 1994: 319-334.
[14]	PHILLIPS C , SWILER L P . A graph-based system for nework-vulnerability analysis[C]// The 1998 Workshop on New Secruity Paradigms. 1998: 71-79.
[15]	CIMATTI A , CLARKE E , GIUNCHIGLIA F ,et al. NUSMV:a new symbolic model checker[J]. International Journal on Software Tools for Technology Transfer, 2000,2(4): 410-425.
[16]	TEMPLETON S J , LEVITT K . A requires/provides model for computer attacks[C]// The ACM Workshop on New Security Paradigms. 2001: 31-38.
[17]	叶云, 徐锡山, 齐治昌 ,等. 大规模网络中攻击图自动构建算法研究[J]. 计算机研究与发展, 2013,50(10): 2133-2139.
	YE Y , XU X S , QI Z C ,et al. Attack graph generation algorithm for large-scale network system[J]. Journal of Computer Research and Development, 2013,50(10): 2133-2139.
[18]	AMMANN P , WIJESEKERA D , KAUSHIK S . Scalable,graph-based network vulnerability analysis[C]// ACM Conference on Computer and Communications Security (CCS 2002). 2002: 217-224.
[19]	陈恺, 冯登国, 苏璞睿 ,等. 一种多周期漏洞发布预测模型[J]. 软件学报, 2010,21(9): 2367-2375.
	CHEN K , FENG D G , SU P R ,et al. Multi-cycle vulnerability discovery model for prediction[J]. Journal of Software, 2010,21(9): 2367-2375.
[20]	聂楚江, 赵险峰, 陈恺 ,等. 一种微观漏洞数量预测模型[J]. 计算机研究与发展, 2011,48(7): 1279-1287.
	NIER C J , ZHAO X F , CHEN K ,et al. An software vulnerability number prediction model based on micro-parameters[J]. Journal of Computer Research and Development, 2011,48(7): 1279-1287.
[21]	高志伟, 姚尧, 饶飞 ,等. 基于漏洞严重程度分类的漏洞预测模型[J]. 电子学报, 2013,41(9): 1784-1787.
	GAO Z W , YAO Y , RAO F ,et al. Predicting model of vulnerabilities based on the type of vulnerability severity[J]. Acta Electronica Sinica, 2013,41(9): 1784-1787.
[22]	ARBAUGH WA , FITHEN WL , MCHUGH J . Windows of vulnerability:a case study analysis[J]. Computer, 2000,33(12): 52-59.
[23]	FREI S . Security econometrics:the dynamics of (in) security[D]. Sissach,Switzerland:ETH Zurich, 2009.
[24]	KAANICHE M , MARCONATO GV , NICOMETTE V . Security-related vulnerability life cycle analysis[C]// The 2013 IEEE International Conference on Risk and Security of Internet and Systems. 2013: 1-8.
[25]	宋明秋, 王磊磊, 于博 . 基于生命周期理论的安全漏洞时间风险研究[J]. 计算机工程, 2011,37(1): 131-133.
	SONG M Q , WANG L L , YU B . Research on time risk of security vulnerability based on lifecycle theory[J]. Computer Engineering, 2011,37(1): 131-133.
[26]	JUMRATJAROENVANIT A , TENG-AMNUAY Y , . Probability of attack based on system vulnerability life cycle[C]// The 2008 IEEE International Symposium on Electronic Commerce ＆ Security, 2008: 531-535.
[27]	JOH H , MALAIYA YK . A framework for software security risk evaluation using the vulnerability lifecycle and CVSS metrics[C]// The 2010 International Workshop on Risk ＆ Trust in Extended Enterprises. 2010: 430-434.
[28]	SHAHZAD M , SHAFIQ MZ , LIU AX . A large scale exploratory analysis of software vulnerability life cycles[C]// The 2012 IEEE International Conference on Software Engineering. 2012: 771-781.
[29]	COX JLAT . Some limitations of “risk= threat× vulnerability× consequence” for risk analysis of terrorist attacks[J]. Risk Analysis, 2008,28(6): 1749-1761.
[30]	MKPONG-Ruffin I , UMPHRESS D , HAMILTON J ,et al. Quantitative software security risk assessment model[C]// The ACM Workshop on Quality of Protection. 2007: 31-33.
[31]	付志耀, 高岭, 孙骞 ,等. 基于粗糙集的漏洞属性约简及严重性评估[J]. 计算机研究与发展, 2016,53(5): 1009-1017.
	FU ZY , GAO L , SUN Q ,et al. Evaluation of vulnerability severity based on rough sets and attributes reduction[J]. Journal of Computer Research and Development, 2016,53(5): 1009-1017.
[32]	HOUMB SH , FRANQUEIRA VNL , ENGUM EA . Quantifying security risk level from CVSS estimates of frequency and impact[J]. Journal of Systems ＆ Software, 2010,83(9): 1622-1634.
[33]	周亮, 李俊娥, 陆天波 ,等. 信息系统漏洞风险定量评估模型研究[J]. 通信学报, 2009,30(2): 71-76.
	ZAO L , LI J E , LU T B ,et al. Research on quantitative assessment model on vulnerability risk for information system[J]. Journal on Communication, 2009,30(2): 71-76
[34]	YU D , FRINCKE D . Improving the quality of alerts and predicting intruder’s next goal with hidden colored Petri-net[J]. Computer Networks, 2007,51(3): 632-654.
[35]	SHEYNER O , HAINES J , JHA S ,et al. Automated generation and analysis of attack graphs[C]// The 2002 IEEE Symposium on Security and Privacy. 2002: 273-284.
[36]	彭武, 胡昌振, 姚淑萍 ,等. 基于时间自动机的入侵意图动态识别方法[J]. 计算机研究与发展, 2011,48(7): 1288-1297.
	PENG W , HU C Z , YAO S P ,et al. A dynamic intrusive intention recognition method based on timed automata[J]. Journal of Computer Research and Development, 2011,48(7): 1288-1297.
[37]	鲍旭华, 戴英侠, 冯萍慧 ,等. 基于入侵意图的复合攻击检测和预测算法[J]. 软件学报, 2005,16(12): 2132-2138.
	BAO X H , DAI Y X , FENG P H ,et al. A detection and forecast algorithm for multi-step attack based on intrusion intention[J]. Journal of Software, 2005,16(12): 2132-2138.
[38]	陈小军, 方滨兴, 谭庆丰 ,等. 基于概率攻击图的内部攻击意图推断算法研究[J]. 计算机学报, 2014,37(1): 62-72.
	CHEN X J , FANG B X , TAN Q F ,et al. Inferring attack intent of malicious insider based on probabilistic attack graph model[J]. Chinese Journal of Computers, 2014,37(1): 62-72.
[39]	诸葛建伟, 韩心慧, 叶志远 ,等. 基于扩展目标规划图的网络攻击规划识别算法[J]. 计算机学报, 2006,29(8): 1356-1366.
	ZHUGE J W , HAN X H , YE Z Y ,et al. A network attack plan recognition algorithm based on the extended goal graph[J]. Journal of Computers, 2006,29(8): 1356-1366.
[40]	吕慧颖, 彭武, 王瑞梅 ,等. 基于时空关联分析的网络实时威胁识别与评估[J]. 计算机研究与发展, 2014,51(5): 1039-1049.
	LV H Y , PENG W , WANG R M ,et al. A real-time network threat recognition and assessment method based on association analysis of time and space[J]. Journal of Computer Research and Development, 2014,51(5): 1039-1049.
[41]	王硕, 汤光明, 寇广 ,等. 基于因果知识网络的攻击路径预测方法[J]. 通信学报, 2016,37(10): 188-198.
	WANG S , TANG G , KOU G ,et al. Attack route prediction method based on causal knowledge[J]. Journal on Communications, 2016,37(10): 188-198.
[42]	SARRAUTE C , RICHARTE G , LUCáNGELI OBES J . An algorithm to find optimal attack routes in nondeterministic scenarios[C]// The 4th ACM Workshop on Security and Artificial Intelligence. 2011: 71-80.
[43]	ORTALO R , DESWARTE Y , KAANICHE M . Experimenting with quantitative evaluation tools for monitoring operational security[J]. IEEE Transactions on Software Engineering, 1999,25(5): 633-50.
[44]	LI W , VAUGHN R B . Cluster security research involving the modeling of network exploitations using exploitation graphs[C]// IEEE International Symposium on CLUSTER Computing and the Grid. 2006:26.
[45]	IDIKA N , BHARGAVA B . Extending attack graph-based security metrics and aggregating their application[J]. IEEE Transactions on Dependable ＆ Secure Computing, 2012,9(1): 75-85.
[46]	BOPCHE G S , MEHTRE B M . Graph similarity metrics for assessing temporal changes in attack surface of dynamic networks[J]. Computers ＆ Security, 2016,64: 16-43.
[47]	DAI F , HU Y , ZHENG K ,et al. Exploring risk flow attack graph for security risk assessment[J]. IET Information Security, 2015,9(6): 344-353.
[48]	ABRAHAM S , NAIR S . a predictive framework for cyber security analytics using attack graphs[J]. International Journal of Computer Networks ＆ Communications, 2015,7(1).
[49]	刘强, 殷建平, 蔡志平 ,等. 基于不确定图的网络漏洞分析方法[J]. 软件学报, 2011,22(6): 1398-1412.
	LIU Q , YIN J P , CAI Z P ,et al. Uncertain-graph based method for network vulnerability analysis[J]. Journal of Software, 2011,22(6): 1398-1412.
[50]	ZHU B , GHORBANI A A . Alert correlation for extracting attack strategies[J]. International Journal of Network Security, 2006,3(3): 244-258.
[51]	BOPCHE G S , MEHTRE B M . Graph similarity metrics for assessing temporal changes in attack surface of dynamic networks[J]. Computers ＆ Security, 2016,64: 16-43.
[52]	NAYOT P , RINKU D , INDRAJIT R . Dynamic security risk management using Bayesian attack graphs[J]. IEEE Trans on Dependable ＆Secure Computing, 2012,9(1): 61-74
[53]	QU Z Y , LI Y Y , LI P . A network security situation evaluation method based on D-S evidence theory[C]// 2010 International Conference on Environmental science and information application technology (ESIAT). 2010: 496-499.
[54]	席荣荣, 云晓春, 张永铮 ,等. 一种改进的网络安全态势量化评估方法[J]. 计算机学报, 2015,38(4): 749-758.
	XI R R , YUN X C , ZHANG Y Z ,et al. An improved quantitative evaluation method for network security[J]. Journal of Computers, 2015,38(4): 749-758.
[55]	杨豪璞, 邱辉, 王坤 . 面向多步攻击的网络安全态势评估方法[J]. 通信学报, 2017,38(1): 187-198.
	YANG H P , QIU H , WANG K . Network security situation evaluation method for multi-step attack[J]. Journal on Communications, 2017,38(1): 187-198
[56]	刘玉岭, 冯登国, 连一峰 ,等. 基于时空维度分析的网络安全态势预测方法[J]. 计算机研究与发展, 2014,51(8): 1681-1694.
	LIU Y L , FENG D G , LIAN Y F ,et al. Network situation prediction method based on spatial-time dimension analysis[J]. Journal of Computer Research and Development, 2014,51(8): 1681-1694.
[57]	LINGL J,SUL , WANG H F ,et al. An ARIMA-ANN hybrid model for time series forecasting[J]. Systems Research and Behavioral Science, 2013,30(3): 1092-7026.
[58]	GE P , WAMG J , REN P ,et al. A new improved forecasting method integrated fuzzy time series with the exponential smoothing method[J]. International Journal of Environment and Pollution, 2013,51(3/4): 206-221.
[59]	LIU S , LIU Y . Network security risk assessment method based on HMM and attack graph model[C]// IEEE/ACIS International Conference on Software Engineering,Artificial Intelligence,Networking and Parallel/Distributed Computing. 2016: 517-522.
[60]	FREDJ O B . A realistic graph based alert correlation system[J]. Security ＆ Communication Networks, 2015,8(15): 2477-2493.
[61]	GHASEMIGOL M , GHAEMI B A , TAKABI H . A comprehensive approach for network attack forecasting[J]. Computers ＆ Security, 2016,58: 83-105.
[62]	WANG Y , LI J , MENG K ,et al. Modeling and security analysis of enterprise network using attack-defense stochastic game Petri nets[J]. Security ＆ Communication Networks, 2013,6(1): 89-99.
[63]	张勇, 谭小彬, 崔孝林 ,等. 基于Markov博弈模型的网络安全态势感知方法[J]. 软件学报, 2011,22(3): 495-508.
	ZHANG Y , TAN X B , CUI X L ,et al. Network security situation awareness approach based on Markov game model[J]. Journal of Software, 2011,22(3): 495-508.
[64]	CHEN G , SHEN D , KWAN C ,et al. Game theoretic approach to threat prediction and situation awareness[C]// IEEE International Conference on Information Fusion. 2006: 1-8.
[65]	WU J , OTA K , DONG M ,et al. Big data analysis based security situational awareness for smart grid[J]. IEEE Transactions on Big Data, 2016.

Metrics

Recommended 0

No Suggested Reading articles found!

采用方法	节点	边	单调性	搜索策略
	否	网络状态	状态转换	逆向
模型检测
	是	主机状态	原子攻击	深度优先
逻辑推理	是	逻辑状态、攻击规则	依赖关系	逆向
基于图论	是	状态、条件及漏洞节点	依赖关系	广度优先

构建工具	是否开源	展示界面	复杂度	特点
MuVAL	是	命令行界面	O(n²)	攻击图生成准确度高
TVA	否	图形界面	O(n⁶)	实现网络渗透的自动分析，商用软件，收费昂贵
NetSPA	否	图形界面	O(nlogn)	环形攻击图，商用软件
Skybox View	否	图形界面	O(nlogn)	网络配置信息采集全面，商用软件
AGT	否	图形界面	O(2ⁿ)	Linux平台工具，生成复杂度高

Survey of attack graph based network security metric

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 10

References 65

Related Articles 5

Metrics

Recommended 0

[1]	Wenfu LIU, Jianmin PANG, Xin ZHOU, Nan LI, Feng YUE. Research on network risk assessment based on attack graph of expected benefits-rate [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 87-97.
[2]	Yaofang ZHANG, Zheyu ZHANG, Haikuo QU, Ge ZHANG, Zibo WANG, Bailing WANG. Key path analysis method for large-scale industrial control network [J]. Chinese Journal of Network and Information Security, 2021, 7(6): 31-43.
[3]	Qiang LENG,Yingjie YANG,Dexian CHANG,Ruixuan PAN,Ying CAI,Hao HU. Dynamic defense decision method for network real-time confrontation [J]. Chinese Journal of Network and Information Security, 2019, 5(6): 58-66.
[4]	Yuyang ZHOU, Guang CHENG, Chunsheng GUO. Risk assessment method for network attack surface based on Bayesian attack graph [J]. Chinese Journal of Network and Information Security, 2018, 4(6): 11-22.
[5]	Xin SUN,Yi-yang YAO,Xin-dai LU,Xue-jiao LIU,Yong-han WU. Research and implementation of fuzzing testing based on HTTP proxy [J]. Chinese Journal of Network and Information Security, 2016, 2(2): 75-86.