采用混和路径攻击图的防御方案生成方法

发布时间：2018-02-15 20:13

  本文关键词： -day 防御决策 防御方案 混合路径攻击图(MPAG) 多目标优化　出处：《浙江大学学报(工学版)》2017年09期 　论文类型：期刊论文

【摘要】：通过分析已知漏洞的共性,给出漏洞及其利用规则的形式描述.构造混合路径攻击图(MPAG)模型,扩展攻击图的描述语义.将0-day漏洞利用产生的隐式攻击路径和已知漏洞产生的显式攻击路径描述在同一攻击图中,并计算0-day漏洞利用率的风险.基于混合路径攻击图和多目标优化理论,给出防御方案生成方法及均衡生成成本和风险的防御方案.实验结果表明:混合路径攻击图能描述隐式攻击路径,同时可能引入同一场景下传统攻击图中没被利用过的已知漏洞;基于混合路径攻击图生成的防御方案具有更好的路径覆盖率,能够帮助安全管理员找出防御措施库存在的遗漏.
[Abstract]:By analyzing the commonness of the known vulnerabilities, the formal description of the vulnerabilities and their utilization rules is given, and the MPAG model of the mixed path attack graph is constructed. Extend the description semantics of attack graph. The implicit attack path generated by 0-day vulnerability and the explicit attack path generated by known vulnerability are described in the same attack graph. Based on the mixed path attack graph and multi-objective optimization theory, the risk of 0-day vulnerability utilization is calculated. The method of generating defense scheme and the defense scheme with balanced generation cost and risk are given. The experimental results show that the hybrid path attack graph can describe the implicit attack path. At the same time, it is possible to introduce known vulnerabilities that have not been exploited in the traditional attack graph in the same scenario. The defense scheme based on the hybrid path attack graph has better path coverage, which can help security administrators to find out the missing stocks of defense measures.
【作者单位】： 北京航空航天大学计算机学院网络技术北京市重点实验室;
【基金】：国家自然科学基金资助项目(U1636208)
【分类号】：TP393.08
，

本文编号：1513789