基于关联攻击图的入侵预测算法  被引量:5

Intrusion Prediction Algorithm Based on Correlation Attack Graph

在线阅读下载全文

作  者:王辉[1] 鹿士凯 王银城 WANG Hui;LU Shikai;WANG Yincheng(School of Computer Science and Technology,Henan Polytechnic University,Jiaozuo,Henan 454000,Chin)

机构地区:[1]河南理工大学计算机科学与技术学院,河南焦作454000

出  处:《计算机工程》2018年第7期131-138,共8页Computer Engineering

基  金:国家自然科学基金(61300216)

摘  要:针对攻击图模型无法准确反映攻击证据对入侵意图预测影响的难题,提出一种基于改进型攻击图的入侵预测算法。引入资源节点、攻击证据、单步攻击等参数,定义关联攻击图。为了计算单步攻击的发生概率,利用贝叶斯推理,设计关联关系量化算法,给出各节点可达概率的推算公式,动态预测网络中潜在的入侵意图。实验结果表明,与基于传统攻击图的入侵预测算法相比,该算法能有效消除攻击证据与单步攻击间的冗余关系,提高攻击证据节点置信度的准确性。In view of the problem that the attack graph model cannot accurately reflect the influence of the attack evidence on the prediction of intrusion intention,An intrusion prediction algorithm based on improved attack graph is proposed. Introduction of resource nodes, evidence, step attackers,parameters, such as defining Correlation Attack Graph( CAG),in order to calculate step attack probability,using bayesian inference,quantitative design correlation algorithm,each node is given to the calculation of probability formula of dynamic prediction in the network of potential invasion of intention. Experimental results show that compared with the traditional attack graph-based intrusion prediction algorithm,the proposed algorithm can effectively eliminate the evidence and single-step attacked redundant relation, and improve the accuracy of the evidence against node degree of confidence.

关 键 词:关联攻击图 关联关系 贝叶斯推理 可达概率 入侵预测 

分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象