Acta Electronica Sinica  2013

Multi-Step Attack Scenario Recognition Algorithm Based on Intelligent Planning

DOI: 10.3969/j.issn.0372-2112.2013.09.013, PP. 1753-1759

Keywords: multi-step attack, intelligent planning, attack scenario recognition


Abstract:

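The process of recognizing a multi-step attack corresponds in certain respects to the solving process of intelligent planning. This paper proposes a multi-step attack recognition model based on intelligent planning, applies intelligent planning methods to the field of multi-step attack recognition, and implements a corresponding recognition algorithm on that basis. In experiments on the DARPA dataset, the algorithm shows good effectiveness and feasibility for multi-step attack recognition and achieves acceptable accuracy and completeness rates.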

