Journal on Communications ›› 2023, Vol. 44 ›› Issue (2): 122-135. doi: 10.11959/j.issn.1000-436x.2023002
Haiyan KANG, Molan LONG
Revised: 2022-10-29
Online: 2023-02-25
Published: 2023-02-01
Haiyan KANG, Molan LONG. Research on network attack analysis method based on attack graph of absorbing Markov chain[J]. Journal on Communications, 2023, 44(2): 122-135.

Running service | CVE ID (vulnerability ID) | Exploitability score | Host | Vulnerability discovery date |
apache | CVE-2014-0098(V1) | 10.0 | H1 | 2014-03-18 |
FTP server | CVE-2013-4465(V2) | 4.6 | H2 | 2013-10-25 |
Linux | CVE-2014-0038(V3) | 3.4 | H3 | 2014-02-06 |
Ms-office | CVE-2013-1324(V4) | 8.6 | H4 | 2013-11-12 |
bmc | CVE-2013-4782(V5) | 10.0 | H5 | 2013-07-08 |
radius | CVE-2014-1878(V6) | 10.0 | H6 | 2014-02-28 |
postgresql | CVE-2014-0063(V7) | 7.9 | H7 | 2014-02-17 |

Path No. | Penetration path | Path length | Penetration success rate |
Route1 | S1→S3→S4→S6→S8 | 5 | 0.006 |
Route2 | S1→S3→S4→S7→S8 | 5 | 0.010 |
Route3 | S1→S3→S5→S6→S8 | 5 | 0.020 |
Route4 | S1→S3→S5→S7→S8 | 5 | 0.035 |
Route5 | S1→S2→S3→S4→S6→S8 | 6 | 0.002 |
Route6 | S1→S2→S3→S4→S7→S8 | 6 | 0.003 |
Route7 | S1→S2→S3→S5→S6→S8 | 6 | 0.006 |
Route8 | S1→S2→S3→S5→S7→S8 | 6 | 0.011 |
Route9 | S1→S3→S4→S5→S6→S8 | 6 | 0.002 |
Route10 | S1→S3→S4→S5→S7→S8 | 6 | 0.004 |
Route11 | S1→S3→S5→S6→S7→S8 | 6 | 0.017 |
Route12 | S1→S3→S4→S6→S7→S8 | 6 | 0.005 |
Route13 | S1→S2→S3→S5→S6→S7→S8 | 7 | 0.005 |
Route14 | S1→S2→S3→S4→S5→S6→S8 | 7 | 0.0007 |
Route15 | S1→S2→S3→S4→S5→S7→S8 | 7 | 0.001 |
Route16 | S1→S2→S3→S4→S6→S7→S8 | 7 | 0.002 |
Route17 | S1→S3→S4→S5→S6→S7→S8 | 7 | 0.002 |
Route18 | S1→S2→S3→S4→S5→S6→S7→S8 | 8 | 0.0007 |