Research on Network Topology Pollution Attack Defense Based on Intrusion Deception
To improve the defensive capability against network topology pollution attacks, this paper presents a defense method based on intrusion deception. First, an intrusion deception system is used to simulate network vulnerabilities and collect attack patterns, which are then added to a knowledge base. Second, the type of pollution information in the knowledge base is judged by multiple vectors orthogonal to the subspace, which completes the classification of network topology pollution attack types. Based on the classification results, the cost and benefit of network attack and defense are analyzed quantitatively, and a quantitative model is constructed. Based on the attack graph, the defense graph and game theory, an attack defense model is constructed to obtain the best strategy for defending against network topology pollution attacks. The experimental results prove that the proposed method can effectively detect host hijacking attacks and link forgery attacks, and that it improves both the defense effect against network topology pollution attacks and the timeliness of attack defense.
Keywords: Intrusion deception; Network topology; Pollution attack defense; Defense map; Game theory