|
|
计算机应用研究 2009
Mining and taxonomy of network attack effects
|
Abstract:
Aiming at brief and abstract network attack effects proposed by existing researches, this paper studied a mining and taxonomy of network attack effects. Defined atom function as basic unit of network attack effects, and proposed the mining principles of atom functions.Analyzed three attack databases including national vulnerability database (NVD), Snort rules, and Lincoln Laboratory attack tools for intrusion detection evaluation. At last more than 100 atom functions were enumerated and divided into 5 groups. These atomic functions are independent with specific meanings, which can represent most typical network attacks. Network attack effect evaluation can analyze quantitative evaluation methods of every attack effects group and present metrics to assess every atomic function on the basis of these atomic functions.
