工程科学与技术, 2017, Vol. 49, Issue (2): 115-120, 6. DOI: 10.15961/j.jsuese.201601046
Network Security Situation Analysis Based on Attack-Defense Behavior Trees
Network Security Analysis on Attack-defense Behavior Tree
Abstract
Modern networks are subject to the risk of combined attacks. Therefore, a security situation analysis model based on attack and defense behavior needs to be built to analyze the threat of each independent and combined attack behavior. The traditional attack tree does not take defense factors into account, the defense tree model lacks good scalability, and external attacks are hard to analyze with the fault tree model. To address these problems, this paper introduces game theory into the attack tree model to describe specific network attack incident scenarios. First, the logical relationships between different levels of attack behavior are analyzed. The attack and defense trees corresponding to the different attack levels are then integrated, and the complete network attack behavior tree is obtained. Based on these steps, an algorithm for assessing network threat on the attack behavior tree is proposed. The network security situation is analyzed by finding attack combinations, analyzing their attack probability, and assessing the threat of each attack. To verify the feasibility and effectiveness of the attack behavior tree model, it was built on the basis of a BGP (Border Gateway Protocol) attack tree. The calculated probabilities show that PATH1 had the largest probability. Meanwhile, the attack success rates of all five attack paths increased when no defense measures were in place. The increases for PATH2 to PATH5 were significantly higher than that for PATH1, which is consistent with the facts. The experimental analysis shows that the model can calculate the effect of various defensive measures very well, which provides a theoretical basis for carrying out targeted network security defense.
Keywords
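network security / situation analysis / behavior tree / attack behavior tree / defense behavior tree
Classification
Information Technology and Security Science
Cite this article
付钰, 俞艺涵, 陈永强, 周学广. Network Security Situation Analysis Based on Attack-Defense Behavior Trees [J]. 工程科学与技术, 2017, 49(2): 115-120, 6.
Funding
National Social Science Fund of China, Military Science Program (15G003-201)
China Postdoctoral Science Foundation (2014M552656)
Natural Science Foundation of Hubei Province (2015CFC867)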