Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph

Cited by: 6


Authors: WANG Wenjuan (王文娟)[1]; DU Xuehui (杜学绘)[1]; SHAN Dibin (单棣斌)[1] (Information Engineering University, Zhengzhou 450001, China)

Affiliation: [1] Information Engineering University, Zhengzhou 450001, Henan, China

Source: Journal on Communications (《通信学报》), 2021, No. 1, pp. 1-17 (17 pages)

Funding: National Natural Science Foundation of China (No. 61802436); National Key Research and Development Program of China (No. 2016YFB050190104).

Abstract: Aiming at the problem of complex multi-step attack detection, a method of attack scenario construction oriented to the cloud computing environment was studied. Firstly, a dynamic probabilistic attack graph model was constructed, and a probabilistic attack graph updating algorithm was designed so that the graph updates periodically with the passage of time and space, adapting it to the elastic and dynamic cloud computing environment. Secondly, an attack intention inference algorithm and a maximum probability attack path inference algorithm were designed to solve uncertainty problems such as erroneous and broken attack scenarios caused by false positives and false negatives, ensuring the accuracy of the attack scenario. Meanwhile, the attack scenario evolves dynamically along with the dynamic probabilistic attack graph, ensuring the completeness and freshness of the attack scenario. Experimental results show that the proposed method can adapt to the elastic and dynamic cloud computing environment, restore the attacker's complete penetration process, and reconstruct a high-level attack scenario, providing a basis and reference for building a supervisable and accountable cloud environment.

Keywords: cloud computing; attack scenario; dynamic probabilistic attack graph; attack intention; maximum probability attack path

Classification number: TP309.5 [Automation and Computer Technology: Computer System Architecture]

 
