检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:杨英杰[1] 冷强 常德显[1] 潘瑞萱 胡浩[1] YANG Yingjie;LENG Qiang;CHANG Dexian;PAN Ruixuan;HU Hao(Information Engineering University, Zhengzhou 450001, China)
机构地区:[1]信息工程大学
出 处:《电子与信息学报》2019年第8期1838-1846,共9页Journal of Electronics & Information Technology
基 金:国家“863”高技术研究发展计划(2015AA016006);国家重点研发计划课题(2016YFF0204003);国家自然科学基金(61471344)~~
摘 要:该文首先利用属性攻击图理论构建了网络动态威胁分析属性攻击图(DT-AAG)模型,该模型在全面刻画系统漏洞和网络服务导致的威胁转移关系的基础上,结合通用漏洞评分标准(CVSS)和贝叶斯概率转移计算方法设计了威胁转移概率度量算法;其次基于构建的DT-AAG模型,利用威胁与漏洞、服务间的关联关系,设计了动态威胁属性攻击图生成算法(DT-AAG-A),并针对生成的属性攻击图存在的威胁传递环路问题,设计了环路消解机制;最后通过实验验证了该模型和算法的有效性。Firstly, a network Dynamic Threat Attribute Attack Graph(DT-AAG) analysis model is constructed by using Attribute Attack Graph theory. On the basis of the comprehensive description of system vulnerability and network service-induced threat transfer relationship, a threat transfer probability measurement algorithm is designed in combination with Common Vulerability Scoring System(CVSS) vulnerability evaluation criteria and Bayesian probability transfer method. Secondly, based on the model, a Dynamic Threat Attribute Attack Graph generation Algorithm(DT-AAG-A) is designed by using the relationship between the threat and the vulnerability as well as the service. What’s more, to solve the problem that threat transfer loop existing in the generated attribute attack graph, the loop digestion mechanism is designed. Finally, the effectiveness of the proposed model and algorithm is verified by experiments.
关 键 词:属性攻击图 威胁转移 通用漏洞评分标准 传递环路
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222