Computer Engineering and Applications, 2019, Vol. 55, Issue (22): 73-79, 7. DOI: 10.3778/j.issn.1002-8331.1809-0081
Network Intrusion Intention Recognition Method Based on Bayesian Attack Graph
Abstract
Existing intrusion intention recognition methods do not consider the validity of alert evidence, which affects recognition accuracy. Therefore, an intrusion intention recognition method based on a Bayesian attack graph is proposed. Firstly, the Bayesian attack graph model is constructed, and isolated alerts with low confidence are then removed by setting the alert confidence and correlation strength. Secondly, Bayesian posterior reasoning is performed based on the extracted effective alert evidence. Furthermore, the probability of each state node being attacked is dynamically updated in the attack graph, which aims to identify the previous and potential attack behaviors in the network. Finally, the experimental results show that the proposed method can effectively extract the alert evidence and improve the prediction accuracy of network intrusion.
Key words
intention recognition / Bayesian attack graph / vulnerability exploitation / alert confidence level / alert correlation strength
Classification
Information Technology and Security Science
Cite this article
WANG Yang, WU Jianying, HUANG Jinlei, HU Hao, LIU Yuling. Network Intrusion Intention Recognition Method Based on Bayesian Attack Graph [J]. Computer Engineering and Applications, 2019, 55(22): 73-79, 7.
Funding
National Natural Science Foundation of China (No.61902427, No.61471344)
National "863" High Technology Research and Development Program of China (No.2015AA016006)
National Key Research and Development Program of China (No.2016YFF0204002, No.2016YFF0204003)
Zhengzhou Science and Technology Leading Talent Project (No.131PLJRC644)
"13th Five-Year Plan" Equipment Pre-research Field Fund
CCF-Venustech "Hongyan" Research Program (No.2017003)