Attack graph generation method based onattack source excitation and attack atom filter
基于攻击源激发和攻击原子筛选的攻击图构建方法

With the shortcoming of high time complexity and messy graphical presentation in large scale network application for attack graphs, this paper proposed a new generation method. The method visited network hosts using breadth-first traversing algorithm from attack sources based on target network model and attacker model, acquired attack atoms with attack patterns instantiation and confidential relationship for network connections between two hosts, filtered attack atoms through greedy principle and probability metric for attack atoms, and updated effect states of attack atoms. The experimental results show that the method can traverse once among hosts and filter attack atoms, not only has higher time efficiency, but also provides objective attack paths information for security events analyzing. The proposed method can meet the needs of attacking auxiliary decision, intrusion detection and network security evaluation in large scale network environment.