%0 Journal Article
%T Attack graph generation method based onattack source excitation and attack atom filter<br>基于攻击源激发和攻击原子筛选的攻击图构建方法
%A JIAO Bo
%A HUANG Cheng-dong
%A HUANG Fei
%A LI Wei
%A <br>焦　波
%A 黄赪东
%A 黄　飞
%A 李　伟
%J 计算机应用研究
%D 2013
%I 
%X With the shortcoming of high time complexity and messy graphical presentation in large scale network application for attack graphs, this paper proposed a new generation method. The method visited network hosts using breadth-first traversing algorithm from attack sources based on target network model and attacker model, acquired attack atoms with attack patterns instantiation and confidential relationship for network connections between two hosts, filtered attack atoms through greedy principle and probability metric for attack atoms, and updated effect states of attack atoms. The experimental results show that the method can traverse once among hosts and filter attack atoms, not only has higher time efficiency, but also provides objective attack paths information for security events analyzing. The proposed method can meet the needs of attacking auxiliary decision, intrusion detection and network security evaluation in large scale network environment.
%K attack graph
%K network security
%K attack atom
%K attack source
%K greedy principle<br>攻击图
%K 网络安全
%K 攻击原子
%K 攻击源
%K 贪婪原则
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=A9D9BE08CDC44144BE8B5685705D3AED&aid=57319E4289F4438FBDF518CD946EE09C&yid=FF7AA908D58E97FA&vid=340AC2BF8E7AB4FD&iid=38B194292C032A66&sid=412FA1328E0CB9E9&eid=3DC9CEF02B8360EE&journal_id=1001-3695&journal_name=计算机应用研究&referenced_num=0&reference_num=10