Research on Key Technologies of Network Security Situational Awareness for Attack Tracking Prediction

扫码查看

原文链接

NETL
NSTL
万方数据
维普

外文摘要：This paper analyzed the existing network security situation evaluation methods and discovered that they cannot accurately reflect the features of large-scale, synergetic, multi-stage gradually shown by network attack behaviors. For this purpose, the association between attack intention and network configuration information was deep analyzed. Then a network security situation evaluation method based on attack intention recognition was proposed. Unlike traditional method, the evaluation method was based on intruder. This method firstly made causal analysis of attack event and discovered and simplified intrusion path to recognize every attack phases, then realized situation evaluation based on the attack phases. Lastly attack intention was recognized and next attack phase was forecasted based on achieved attack phases, combined with vulnerability and network connectivity. A simulation experiments for the proposed network security situation evaluation model is performed by network examples. The experimental results show that this method is more accurate on reflecting the truth of attack. And the method does not need training on the historical sequence, so the method is more effective on situation forecasting.

外文关键词：

Multi-stage attackSituation evaluationNetwork securityIntention recognitionCausal analysis

作者：

KOU Guang、WANG Shuo、TANG Guangming

展开 >

作者单位：

Artificial Intelligence Research Center, National Innovation Institute of Defense Technology, Beijing 100072, China

Information Engineering University, Zhengzhou 450001, China

基金：

This work is supported by the National Natural Science Foundation of ChinaFoundation of Science and Technology on Information Assurance Laboratory

项目编号：

61303074KJ-15-106

出版年：

2019

DOI：

10.1049/cje.2018.10.007

中国电子杂志(英文版)

CSTPCDCSCDSCIEI

ISSN：1022-4653

年,卷(期)：2019.28(1)

被引量1
参考文献量25