Attack model and its application based on system states aggregation

doi:10.3724/SP.J.1087.2005.01535

Journal of Computer Applications ›› 2005, Vol. 25 ›› Issue (07): 1535-1539.DOI: 10.3724/SP.J.1087.2005.01535

• Information security • Previous Articles Next Articles

Attack model and its application based on system states aggregation

LAI Hai-guang^1,2, HUANG Hao¹, XIE Jun-yuan¹

1.Department of Computer Science and Technology, Nanjing University; 2. Institute of Command Automation, PLA University of Science and Technology

Received:2004-12-09 Revised:2005-03-04 Online:2005-07-01 Published:2005-07-01

基于系统状态集合的攻击模型及其应用

赖海光^1,2，黄皓¹，谢俊元¹

1.南京大学计算机科学与技术系，江苏南京 210093；
2.解放军理工大学指挥自动化学院，江苏南京 210007

作者简介:赖海光（1975-），男，福建漳州人，讲师，博士研究生，主要研究方向：计算机网络、信息安全；黄皓（1957-），男，江苏海门人，教授，博士生导师，主要研究方向：信息安全、网络安全；谢俊元（1961-），男，江苏苏州人，教授，博士生导师，主要研究方向：人工智能、信息安全
基金资助:
国家863计划项目（2003AA142010）

Abstract

Abstract:

In order to evaluate a systems security and predict the attack actions, an attack model based on system states aggregation was presented. In the model, the threat was abstracted as the aggregation of the systems states, and the attack process was depicted as the change of the system states aggregation. A method of detecting network attacks and early warning using the model was also described. Based on the model, an early warning prototype was implemented. Our experiment shows that the prototype is able to detect attack processes effectively and predict the possible risk level the system will reach.

Key words: attack model, attack action, attack process, attack process detection, early warning

摘要：

为了评价系统的安全状况，对可能发生的攻击行为进行预警，提出了一种基于系统状态集合的攻击模型，使用系统状态的集合对系统的安全威胁进行抽象，并将攻击过程描述为系统状态集合的改变。同时还描述了一种利用此攻击模型进行攻击检测和预警的方法。基于该模型，实现了一个安全预警的原型系统。实验结果表明该系统能够有效检测攻击过程，并预测出系统可能达到的危险等级。

关键词: 攻击模型, 攻击行为, 攻击过程, 攻击过程检测, 安全预警

CLC Number:

TP393.08

LAI Hai-guang, HUANG Hao, XIE Jun-yuan. Attack model and its application based on system states aggregation[J]. Journal of Computer Applications, 2005, 25(07): 1535-1539.

赖海光，黄皓，谢俊元. 基于系统状态集合的攻击模型及其应用[J]. 计算机应用, 2005, 25(07): 1535-1539.

[1]	LI Yan, HUANG Guangqiu, ZHANG Bin. New network vulnerability diffusion analysis method based on cumulative effect [J]. Journal of Computer Applications, 2015, 35(8): 2169-2173.
[2]	QIU Xing-guo WANG Bo-hui. 3D visualization algorithm of color gradual interpolation for mine pre-warning data sets [J]. Journal of Computer Applications, 2012, 32(06): 1601-1604.
[3]	Guang-qiu HUANG Chun-zi WANG Bin ZHANG. Rough attack model based on object Petri net of expanded time [J]. Journal of Computer Applications, 2011, 31(08): 2146-2151.
[4]	. Network risk assessment model based on rough graph [J]. Journal of Computer Applications, 2010, 30(1): 190-195.
[5]	Hai-Tang SI . Object’s warning and forecast method based on voronoi k-order neighboring relations [J]. Journal of Computer Applications, 2009, 29(2): 598-601.
[6]	Guang-qiu HUANG Jin-cheng WANG. Consistent varying-weight fuzzy Petri net attack model based on both-branch fuzzy set [J]. Journal of Computer Applications, 2009, 29(2): 529-534.
[7]	. Semantic clustering-based attack detection model on CF-based recommender systems [J]. Journal of Computer Applications, 2009, 29(05): 1312-1320.
[8]	Da-yong REN. Attack model based on both-branch fuzzy decision-making and fuzzy Petri net [J]. Journal of Computer Applications, 2007, 27(11): 2689-2693.
[9]	WANG Sheng,SUN Le-chang,GAN Guo-zheng. Application research based on Granger causality test for attack detection [J]. Journal of Computer Applications, 2005, 25(06): 1282-1285.

Attack model and its application based on system states aggregation

基于系统状态集合的攻击模型及其应用

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 9

Recommended Articles

Metrics