检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:唐淑君[1] 李肖坚[1] 屠守中[1] 韦刚[1]
机构地区:[1]北京航空航天大学计算机学院,北京100083
出 处:《北京航空航天大学学报》2007年第12期1486-1490,共5页Journal of Beijing University of Aeronautics and Astronautics
基 金:航空科学基金资助项目(03F51060);北京教育委员会共建项目建设计划基金资助项目(SYS100060412);国防基础科研资助项目(2007A01Z407)
摘 要:目前网络安全仿真研究中存在缺乏攻击建模方法以及统一描述的问题,因此在采用攻击树建立攻击模型,描述攻击企图、特征和步骤执行过程的基础上,提出一种攻击描述语言CNADL(Computer Network Attack Description Language).攻击树用于对攻击进行建模,并转化为自动机模型.CNADL采用上下文无关文法,用统一的形式描述攻击的目的、方法和步骤,由解释器生成相应操作的命令交付攻击演练系统执行.利用基于GTNetS仿真平台的攻击演练系统对CNADL进行实验验证.结果表明,该语言能有效地刻画攻击特征,结合仿真平台,实现了拒绝服务、蠕虫、口令窃取和IP欺骗4种攻击仿真.A main problem of recent researches on network security simulation is the lack of methods to model attack and uniform description. Hence computer network attack description language (CNADL) was presented, with attack tree adopted to model attacks and describe purpose, characteristic and process of attack. Attack tree was used to model attacks and then transformed to automata model. CNADL, which was attack tree model oriented and designed in context-free grammar, described the goal, means and process of different attacks in uniform format. The interpreter translated CNADL into corresponding orders and sent them to attack drilling system. Based on GTNetS simulator, the attack drilling system tested the validity of CNADL. The experimental results show that CNADL is able to describe attack characteristics efficiently, and simulate denial of service(DoS) , worm password attack and IP spoof based on GTNetS.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.229
