检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:孙澄 胡浩[1] 杨英杰[1] 张红旗[1] SUN Cheng;HU Hao;YANG Yingjie;ZHANG Hongqi(Information Engineering University,Zhengzhou 450001,China)
机构地区:[1]信息工程大学,河南郑州450001
出 处:《网络与信息安全学报》2021年第1期143-156,共14页Chinese Journal of Network and Information Security
基 金:国家自然科学基金(61902427)。
摘 要:针对现有威胁分析模型无法兼顾高级安全威胁的宏观发展趋势及微观传播路径的问题,建立了一种双层威胁分析模型TL-TAM。模型上层刻画严重程度由低到高的威胁发展趋势,下层融合技术漏洞攻击、社会工程攻击及网络扫描攻击,刻画威胁传播路径。据此,提出了威胁预测分析算法。实验结果表明,模型能够对威胁传播进行多层面综合分析,并且克服了基于攻击图的威胁分析模型局限于技术漏洞攻击的缺陷,更加适用于高级安全威胁的动态跟踪分析。The existing threat analysis models failed to comprehensively analyze the propagation of advanced security threats integrating the threat development trend and propagation path.In order to solve the problem,a two-layer threat analysis model named TL-TAM was established.The upper layer of the model depicted the threat development trend.The lower layer depicted the threat propagation path considering social engineering and networks can.Based on the model,prediction algorithm of threat development was proposed.The experimental result shows that the model can comprehensively analyze the threat propagation at multiple levels,overcome the defect that the threat analysis model based on attack graph is limited to technical vulnerability attack,and is more suitable for dynamic tracking analysis of advanced security threats.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.97
