Journal on Communications, 2017, Vol. 38, Issue (11): 121-132. doi: 10.11959/j.issn.1000-436x.2017213
• Comprehensive Reviews •
Zi-wei YE, Yuan-bo GUO, Chen-dong WANG, An-kang JU
Revised: 2017-11-06
Online: 2017-11-01
Published: 2017-12-13
Zi-wei YE, Yuan-bo GUO, Chen-dong WANG, An-kang JU. Survey on application of attack graph technology[J]. Journal on Communications, 2017, 38(11): 121-132.
[1] Ming TANG, Yifan HU. Load-to-store: exploit the time leakage of store buffer transient window [J]. Journal on Communications, 2023, 44(4): 64-77.
[2] Zhiyong LUO, Yu ZHANG, Qing WANG, Weiwei SONG. Study of SDN intrusion intent identification algorithm based on Bayesian attack graph [J]. Journal on Communications, 2023, 44(4): 216-225.
[3] Haiyan KANG, Molan LONG. Research on network attack analysis method based on attack graph of absorbing Markov chain [J]. Journal on Communications, 2023, 44(2): 122-135.
[4] Yuntao ZHANG, Binxing FANG, Chunlai DU, Zhongru WANG, Zhijian CUI, Shouyou SONG. Container escape detection method based on heterogeneous observation chain [J]. Journal on Communications, 2023, 44(1): 49-63.
[5] Hongyu YANG, Haihang YUAN, Liang ZHANG. Host security assessment method based on attack graph [J]. Journal on Communications, 2022, 43(2): 89-99.
[6] Huafeng HUANG, Purui SU, Yi YANG, Xiangkun JIA. Automatic exploitation generation method of write-what-where vulnerability [J]. Journal on Communications, 2022, 43(1): 83-95.
[7] Jiawei QIN, Hua ZHANG, Hanbing YAN, Nengqiang HE, Tengfei TU. Research on context-aware Android application vulnerability detection [J]. Journal on Communications, 2021, 42(11): 13-27.
[8] Changqing AN, Yujia LIU, Hui WANG, Zhiyan ZHENG, Tao YU, Jilong WANG. Research on the invulnerability of regional network based on topology analysis [J]. Journal on Communications, 2021, 42(11): 145-158.
[9] Bing ZHANG, Zheng WEN, Yuxuan ZHAO, Ning WANG, Jiadong REN. Dual-granularity lightweight model for vulnerability code slicing method assessment [J]. Journal on Communications, 2021, 42(11): 233-241.
[10] Wenjuan WANG, Xuehui DU, Dibin SHAN. Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph [J]. Journal on Communications, 2021, 42(1): 1-17.
[11] Zhiyong LUO, Xu YANG, Jiahui LIU, Rui XU. Network intrusion intention analysis model based on Bayesian attack graph [J]. Journal on Communications, 2020, 41(9): 160-169.
[12] Chunfu JIA, Shengbo YAN, Zhi WANG, Chenlu WU, Hang LI. Method to improve edge coverage in fuzzing [J]. Journal on Communications, 2019, 40(11): 76-85.
[13] Hongyu SUN, Yuan HE, Jice WANG, Ying DONG, Lipeng ZHU, He WANG, Yuqing ZHANG. Application of artificial intelligence technology in the field of security vulnerability [J]. Journal on Communications, 2018, 39(8): 1-17.
[14] Cheng-yu SUN, Mao-xing SHEN, Hao SHENG, Jin-ke XIAO. Optimization design of structure invulnerability for air defense multiple sensor network [J]. Journal on Communications, 2017, 38(6): 118-126.
[15] De-guang LE, Sheng-rong GONG, Shao-gang WU, Feng XU, Wen-sheng LIU. Research on RTF array overflow vulnerability detection [J]. Journal on Communications, 2017, 38(5): 96-107.