检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:李海浩[1] 吴亚锋 王晓强 LI Hai-hao;WU Ya-feng;WANG Xiao-qiang(Unit 91404 of the Chinese People’s Liberation Army,Qinhuangdao 066000,China;Jiangsu Automation Research Institute,Lianyungang 222061,China)
机构地区:[1]中国人民解放军91404部队,河北秦皇岛066000 [2]江苏自动化研究所,江苏连云港222061
出 处:《计算机与现代化》2020年第10期110-115,共6页Computer and Modernization
基 金:国家自然科学基金资助项目(61773384)。
摘 要:渗透测试攻击模型作为渗透测试的重要环节,受到学术界和工业界的共同关注。现有的渗透测试攻击模型未考虑渗透测试攻击过程中的动态参数,无法描述漏洞的发生时间。本文以漏洞为基本单元,以时间Petri网中库所的时间区间表示漏洞的发生区间,构建以时间Petri网为基础模型的渗透测试攻击模型。首先,将漏洞列表作为输入来构建单漏洞模型;然后,将单漏洞模型集合通过模型整合算法形成完整的渗透测试攻击模型;最后,给出渗透攻击路径选择算法,并通过模拟实验验证本文所提渗透攻击路径选择算法的有效性。As an important part of penetration testing,the penetration test attack model has attracted the common attention of academia and industry.Existing penetration test attack models do not take into account the dynamic parameters in the penetration test attack process,and cannot describe when the vulnerability occurred.Taking the vulnerability as the basic unit,and the time interval of the place in the timed Petri net representing the occurrence interval of the vulnerability,this paper builds a penetration test attack model based on the timed Petri net.First,the vulnerability list is used as input to build a single vulnerability model.Then,the single vulnerability model collection is used to form a complete penetration test attack model through a model integration algorithm.Finally,the algorithm of penetration attack path selection is given,and the effectiveness of the algorithm of penetration attack path selection proposed in this paper is verified by simulation experiments.
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.31
