Studies show that Graph Neural Networks(GNNs)are susceptible to minor perturbations.Therefore,analyzing adversarial attacks on GNNs is crucial in current research.Previous studies used Generative Adversarial Networks ...Studies show that Graph Neural Networks(GNNs)are susceptible to minor perturbations.Therefore,analyzing adversarial attacks on GNNs is crucial in current research.Previous studies used Generative Adversarial Networks to generate a set of fake nodes,injecting them into a clean GNNs to poison the graph structure and evaluate the robustness of GNNs.In the attack process,the computation of new node connections and the attack loss are independent,which affects the attack on the GNN.To improve this,a Fake Node Camouflage Attack based on Mutual Information(FNCAMI)algorithm is proposed.By incorporating Mutual Information(MI)loss,the distribution of nodes injected into the GNNs become more similar to the original nodes,achieving better attack results.Since the loss ratios of GNNs and MI affect performance,we also design an adaptive weighting method.By adjusting the loss weights in real-time through rate changes,larger loss values are obtained,eliminating local optima.The feasibility,effectiveness,and stealthiness of this algorithm are validated on four real datasets.Additionally,we use both global and targeted attacks to test the algorithm’s performance.Comparisons with baseline attack algorithms and ablation experiments demonstrate the efficiency of the FNCAMI algorithm.展开更多
Computer networks face a variety of cyberattacks.Most network attacks are contagious and destructive,and these types of attacks can be harmful to society and computer network security.Security evaluation is an effecti...Computer networks face a variety of cyberattacks.Most network attacks are contagious and destructive,and these types of attacks can be harmful to society and computer network security.Security evaluation is an effective method to solve network security problems.For accurate assessment of the vulnerabilities of computer networks,this paper proposes a network security risk assessment method based on a Bayesian network attack graph(B_NAG)model.First,a new resource attack graph(RAG)and the algorithm E-Loop,which is applied to eliminate loops in the B_NAG,are proposed.Second,to distinguish the confusing relationships between nodes of the attack graph in the conversion process,a related algorithm is proposed to generate the B_NAG model.Finally,to analyze the reachability of paths in B_NAG,the measuring indexs such as node attack complexity and node state transition are defined,and an iterative algorithm for obtaining the probability of reaching the target node is presented.On this basis,the posterior probability of related nodes can be calculated.A simulation environment is set up to evaluate the effectiveness of the B_NAG model.The experimental results indicate that the B_NAG model is realistic and effective in evaluating vulnerabilities of computer networks and can accurately highlight the degree of vulnerability in a chaotic relationship.展开更多
The network attack profit graph(NAPG)model and the attack profit path predication algorithm are presented herein to cover the shortage of considerations in attacker’s subjective factors based on existing network atta...The network attack profit graph(NAPG)model and the attack profit path predication algorithm are presented herein to cover the shortage of considerations in attacker’s subjective factors based on existing network attack path prediction methods.Firstly,the attack profit is introduced,with the attack profit matrix designed and the attack profit matrix generation algorithm given accordingly.Secondly,a path profit feasibility analysis algorithm is proposed to analyze the network feasibility of realizing profit of attack path.Finally,an opportunity profit path and an optimal profit path are introduced with the selection algorithm and the prediction algorithm designed for accurate prediction of the path.According to the experimental test,the network attack profit path predication algorithm is applicable for accurate prediction of the opportunity profit path and the optimal profit path.展开更多
In order to protect the website and assess the security risk of website, a novel website security risk assessment method is proposed based on the improved Bayesian attack graph(I-BAG) model. First, the Improved Bayesi...In order to protect the website and assess the security risk of website, a novel website security risk assessment method is proposed based on the improved Bayesian attack graph(I-BAG) model. First, the Improved Bayesian attack graph model is established, which takes attack benefits and threat factors into consideration. Compared with the existing attack graph models, it can better describe the website's security risk. Then, the improved Bayesian attack graph is constructed with optimized website attack graph, attack benefit nodes, threat factor nodes and the local conditional probability distribution of each node, which is calculated accordingly. Finally, website's attack probability and risk value are calculated on the level of nodes, hosts and the whole website separately. The experimental results demonstrate that the risk evaluating method based on I-BAG model proposed is a effective way for assessing the website security risk.展开更多
Purpose:With the rapid development of Internet technology,cybersecurity threats such as security loopholes,data leaks,network fraud,and ransomware have become increasingly prominent,and organized and purposeful cybera...Purpose:With the rapid development of Internet technology,cybersecurity threats such as security loopholes,data leaks,network fraud,and ransomware have become increasingly prominent,and organized and purposeful cyberattacks have increased,posing more challenges to cybersecurity protection.Therefore,reliable network risk assessment methods and effective network security protection schemes are urgently needed.Design/methodology/approach:Based on the dynamic behavior patterns of attackers and defenders,a Bayesian network attack graph is constructed,and a multitarget risk dynamic assessment model is proposed based on network availability,network utilization impact and vulnerability attack possibility.Then,the selforganizing multiobjective evolutionary algorithm based on grey wolf optimization is proposed.And the authors use this algorithm to solve the multiobjective risk assessment model,and a variety of different attack strategies are obtained.Findings:The experimental results demonstrate that the method yields 29 distinct attack strategies,and then attacker’s preferences can be obtained according to these attack strategies.Furthermore,the method efficiently addresses the security assessment problem involving multiple decision variables,thereby providing constructive guidance for the construction of security network,security reinforcement and active defense.Originality/value:A method for network risk assessment methods is given.And this study proposed a multiobjective risk dynamic assessment model based on network availability,network utilization impact and the possibility of vulnerability attacks.The example demonstrates the effectiveness of the method in addressing network security risks.展开更多
基金supported by the Natural Science Basic Research Plan in Shaanxi Province of China(Program No.2022JM-381,2017JQ6070)National Natural Science Foundation of China(Grant No.61703256),Foundation of State Key Laboratory of Public Big Data(No.PBD2022-08)the Fundamental Research Funds for the Central Universities,China(Program No.GK202201014,GK202202003,GK201803020).
文摘Studies show that Graph Neural Networks(GNNs)are susceptible to minor perturbations.Therefore,analyzing adversarial attacks on GNNs is crucial in current research.Previous studies used Generative Adversarial Networks to generate a set of fake nodes,injecting them into a clean GNNs to poison the graph structure and evaluate the robustness of GNNs.In the attack process,the computation of new node connections and the attack loss are independent,which affects the attack on the GNN.To improve this,a Fake Node Camouflage Attack based on Mutual Information(FNCAMI)algorithm is proposed.By incorporating Mutual Information(MI)loss,the distribution of nodes injected into the GNNs become more similar to the original nodes,achieving better attack results.Since the loss ratios of GNNs and MI affect performance,we also design an adaptive weighting method.By adjusting the loss weights in real-time through rate changes,larger loss values are obtained,eliminating local optima.The feasibility,effectiveness,and stealthiness of this algorithm are validated on four real datasets.Additionally,we use both global and targeted attacks to test the algorithm’s performance.Comparisons with baseline attack algorithms and ablation experiments demonstrate the efficiency of the FNCAMI algorithm.
基金This work was partially supported by the National Natural Science Foundation of China(61300216,Wang,H,www.nsfc.gov.cn).
文摘Computer networks face a variety of cyberattacks.Most network attacks are contagious and destructive,and these types of attacks can be harmful to society and computer network security.Security evaluation is an effective method to solve network security problems.For accurate assessment of the vulnerabilities of computer networks,this paper proposes a network security risk assessment method based on a Bayesian network attack graph(B_NAG)model.First,a new resource attack graph(RAG)and the algorithm E-Loop,which is applied to eliminate loops in the B_NAG,are proposed.Second,to distinguish the confusing relationships between nodes of the attack graph in the conversion process,a related algorithm is proposed to generate the B_NAG model.Finally,to analyze the reachability of paths in B_NAG,the measuring indexs such as node attack complexity and node state transition are defined,and an iterative algorithm for obtaining the probability of reaching the target node is presented.On this basis,the posterior probability of related nodes can be calculated.A simulation environment is set up to evaluate the effectiveness of the B_NAG model.The experimental results indicate that the B_NAG model is realistic and effective in evaluating vulnerabilities of computer networks and can accurately highlight the degree of vulnerability in a chaotic relationship.
基金the National Natural Science Foundation of China(61802117)。
文摘The network attack profit graph(NAPG)model and the attack profit path predication algorithm are presented herein to cover the shortage of considerations in attacker’s subjective factors based on existing network attack path prediction methods.Firstly,the attack profit is introduced,with the attack profit matrix designed and the attack profit matrix generation algorithm given accordingly.Secondly,a path profit feasibility analysis algorithm is proposed to analyze the network feasibility of realizing profit of attack path.Finally,an opportunity profit path and an optimal profit path are introduced with the selection algorithm and the prediction algorithm designed for accurate prediction of the path.According to the experimental test,the network attack profit path predication algorithm is applicable for accurate prediction of the opportunity profit path and the optimal profit path.
基金supported by the project of the State Key Program of National Natural Science Foundation of China (No. 90818021)supported by a grant from the national high technology research and development program of China (863program) (No.2012AA012903)
文摘In order to protect the website and assess the security risk of website, a novel website security risk assessment method is proposed based on the improved Bayesian attack graph(I-BAG) model. First, the Improved Bayesian attack graph model is established, which takes attack benefits and threat factors into consideration. Compared with the existing attack graph models, it can better describe the website's security risk. Then, the improved Bayesian attack graph is constructed with optimized website attack graph, attack benefit nodes, threat factor nodes and the local conditional probability distribution of each node, which is calculated accordingly. Finally, website's attack probability and risk value are calculated on the level of nodes, hosts and the whole website separately. The experimental results demonstrate that the risk evaluating method based on I-BAG model proposed is a effective way for assessing the website security risk.
基金supported in part by the National Natural Science Foundation of China(Nos.12271211,12071179)the National Natural Science Foundation of Fujian Province(Nos.2021J01861)+2 种基金the Project of Education Department of Fujian Province(No.JT180263)the Youth Innovation Fund of Xiamen City(3502Z20206020)the Open Fund of Digital Fujian Big Data Modeling and Intelligent Computing Institute,Pre-Research Fund of Jimei University.
文摘Purpose:With the rapid development of Internet technology,cybersecurity threats such as security loopholes,data leaks,network fraud,and ransomware have become increasingly prominent,and organized and purposeful cyberattacks have increased,posing more challenges to cybersecurity protection.Therefore,reliable network risk assessment methods and effective network security protection schemes are urgently needed.Design/methodology/approach:Based on the dynamic behavior patterns of attackers and defenders,a Bayesian network attack graph is constructed,and a multitarget risk dynamic assessment model is proposed based on network availability,network utilization impact and vulnerability attack possibility.Then,the selforganizing multiobjective evolutionary algorithm based on grey wolf optimization is proposed.And the authors use this algorithm to solve the multiobjective risk assessment model,and a variety of different attack strategies are obtained.Findings:The experimental results demonstrate that the method yields 29 distinct attack strategies,and then attacker’s preferences can be obtained according to these attack strategies.Furthermore,the method efficiently addresses the security assessment problem involving multiple decision variables,thereby providing constructive guidance for the construction of security network,security reinforcement and active defense.Originality/value:A method for network risk assessment methods is given.And this study proposed a multiobjective risk dynamic assessment model based on network availability,network utilization impact and the possibility of vulnerability attacks.The example demonstrates the effectiveness of the method in addressing network security risks.
