摘要
网络攻击大多数情况下是利用相对独立的工具(或软件)实施,其实施的范围、速度和效果都有较大的限制。文章基于智能代理和攻击树理论提出一种大范围、多类型的自动攻击模型。该模型系统级采用代理技术,支持系统插件动态扩充,在攻击模式上采用攻击树描述攻击流程实现攻击过程的自动化,同时构建控管中心实现系统的统一管理和控制。实验结果表明,系统对多目标同时发起攻击,用户设计流程执行成功率高,攻击代理端CPU占用率低,攻击效率获得提升。该攻击模型可以实现多目标、多形式的自动攻击,攻击范围广,可人工限定攻击速度和设计攻击流程,模型具有较高的普适性,实现的系统可作为信息安全测评工具和实验平台。
In most cases, network attacks is implemented by attackers with relatively independent tools (or software), the scope, speed and effect of attack were very limited. This paper proposes a large-scale, multi-type auto-attack model based on agent technology and attack tree theory. The system level of the model employs the agent technology, supports the dynamic expansion of the plugins and reaches the auto-attack by describing the attack procedure with attack tree. Meanwhile, the control center was built to achieve unified management and control of the whole system. The experiment shows that the system can attack multi-objective at the same time, reach a high success rate of the procedure execution, achieve a low CPU utilization at attack agent and obtain a great promotion in the attack efficiency. The attack model can achieve multi-objective and multi-type auto-attack. It has a high universality and can be used as an information security assessment tool or experimental platform.
出处
《信息网络安全》
2013年第1期44-48,共5页
Netinfo Security
