检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:陈锋[1,2] 毛捍东[1] 张维明[2] 雷长海[1]
机构地区:[1]第二军医大学网络信息中心,上海200433 [2]国防科学技术大学信息系统与管理学院,长沙410073
出 处:《计算机科学》2011年第11期12-18,共7页Computer Science
基 金:国家自然科学基金(912024006)资助
摘 要:目前网络攻击技术逐步多样化和智能化,攻击者对目标网络内存在的脆弱性会采取多步骤的组合攻击方式进行逐步渗透。攻击图是一种新型的网络脆弱性分析技术,它在对目标网络和攻击者建模的基础上,根据二者之间的相互作用关系计算产生攻击图,展示攻击者利用目标网络脆弱性实施网络攻击的各种可能攻击路径。该技术能够自动发现未知的系统脆弱性以及脆弱性之间的关系,因此是目前研究的热点之一。攻击图技术经历了从面向小型网络的手工分析到自动分析的发展,目前正在向面向大规模网络的自动分析发展。总结了攻击图技术的发展现状,阐述了它的巨大应用前景,最后分析了该技术目前所面临的主要挑战。The network attack techniques are being more diversified,and intelligent,an attacker can often infiltrate a seemingly well-guarded network system using multi-step attacks by exploiting sequences of related vulnerabilities.As the novel vulnerability assessment technique,the attack graph technique analyzes the interaction between the target network and the attacker through the models of these two agents,generates attack graph to show possible attack paths.Because this technology has the capacity to automatically discover the unknown system vulnerabilities and the relationship between vulnerabilities,it is currently a hot subject of research.The attack graph technique has experienced the stage of manual analysis and the stage of the automatic analysis of small-scale network,and is currently in the way of the automatic analysis of large-scale network.In this paper,the development of attack graph technique was summarized and challenges arising from the current research were discussed and some suggestions for the future research work were put forward.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.3
