期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于随机博弈模型的网络攻防量化分析方法 被引量:66

Analysis for Network Attack-Defense Based on Stochastic Game Model
在线阅读 下载PDF
导出
摘要 针对日益普遍和多样的网络攻击和破坏行为,如何利用模拟真实网络的虚拟环境,实现对网络各种攻防过程的实验推演,并分析评价网络系统安全性,已逐渐成为热点研究方向.对此文中提出了采用随机博弈模型的网络攻防实验整体架构,提出了由网络连接关系、脆弱性信息等输入数据到网络攻防博弈模型的快速建模方法,基于最终生成的攻防模型可以对目标网络的攻击成功率、平均攻击时间、脆弱节点以及潜在攻击路径等方面进行安全分析与评价.最后,应用研究所得的网络攻防模型与分析方法对一个典型的企业网络攻防过程进行分析和推演.结果表明了模型和分析方法的有效性. Network ranges can be provided for network attack and defense experiments to simulate real network in a virtual environment, and deduct the process of network threats. This paper presents an overall framework of the network range based on security attack and defense model. In the model, the stochastic models and game model are used, and a series of security attack and defense model algorithm and the security analysis techniques are proposed. Finally, the application of network attack and defense modeling approach on a typical enterprise network attack and defense process of analysis and inference. The results show that the model and analysis approach above proposed is feasible and effective.
作者 王元卓 林闯 程学旗 方滨兴
机构地区 中国科学院计算技术研究所 清华大学计算机系
出处 《计算机学报》 EI CSCD 北大核心 2010年第9期1748-1762,共15页 Chinese Journal of Computers
基金 国家自然科学基金(60803123 60933005 60932003 60873245)资助~~
关键词 网络安全 攻防模型 脆弱性 随机PETRI网 随机博弈网 network security attack-defense Model vulnerabilityl stochastic Petri nets stochastic game nets
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献33

  • 1Sanders W H,Cukier M,Webber F,Pal P,Watro R.Probabilistic validation of intrusion tolerance//Proceedings of the International Conference on Dependable Systems & Networks (DSN-2002).Bethesda,2002:78-79.
  • 2Littlewood B,Brocklehurst S,Fenton N,Mellor P,Page S,Wright D.Towards operational measures of computer security.Computer Security,1993,2:211-229.
  • 3Nicol D M,Sanders W H,Trivedi K S.Model-based evaluation:From dependability to security.IEEE Transactions on Dependability and Security,2004,1(1):48-65.
  • 4Avizienis A,Laprie J C,Randell B,Landwehr C.Basic concepts and taxonomy of dependable and secure computing.IEEE Transactions on Dependable and Secure Computing,2004,1(1):11-33.
  • 5姜伟,方滨兴,田志宏,张宏莉.基于攻防博弈模型的网络安全测评和最优主动防御[J].计算机学报,2009,32(4):817-827. 被引量:156
  • 6Hamilton S N,Miller W L,Ot t A,Saydjari O S.The role of game theory in information warfare//Proceedings of the 4th Information Survivability Workshop.Vancouver,Canada,2002:45-46.
  • 7Liu Y,Trivedi K S.A general framework for network survivability quantification//Proceedings of the 12th GI/ITG Conference on Measuring,Modelling and Evaluation of Computer and Communication Systems (MMB) Together with 3rd Polish-German Teletraffic Symposium (PGTS).Dresden,2004:369-378.
  • 8Daley K,Larson R,Dawkins J.A structural framework for modeling multi-stage network attacks//Proceedings of the ICPP Workshops.Regina,2002:5-10.
  • 9Sheyner O,Haines J,Jha S,Lippmann R,Wing J.Automated generation and analysis of attack graphs//Proceedings of the 2002 IEEE Symposium on Security and Privacy.Berkeley,CA,2002:273-284.
  • 10Jha S,Sheyner O,Wing J M.Two formal analyses of attack graphs//Proceedings of the Computer Security Foundations Workshop (CSFW).Cape Breton,Nova Scotia,2002:49-63.

二级参考文献89

共引文献273

同被引文献630

引证文献66

二级引证文献519

计算机学报
2010年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部