ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2019, Vol. 56 ›› Issue (5): 929-941.doi: 10.7544/issn1000-1239.2019.20190012

所属专题: 2019智能网络理论与关键技术专题

• 网络技术 • 上一篇    下一篇

一种智能高效的最优渗透路径生成方法

王硕1,3,王建华1,2,汤光明1,裴庆祺3,张玉臣1,刘小虎1   

  1. 1(中国人民解放军战略支援部队信息工程大学 郑州 450001); 2(空军电子技术研究所 北京 100195); 3(综合业务网理论及关键技术国家重点实验室(西安电子科技大学) 西安 710071) (WaltShuo@163.com)
  • 出版日期: 2019-05-01
  • 基金资助: 
    国家重点研发计划项目(2016YFB0800601);国家自然科学基金重点项目(U1636209);国家“八六三”高技术研究发展计划基金项目(2015AA016106)

Intelligent and Efficient Method for Optimal Penetration Path Generation

Wang Shuo1,3, Wang Jianhua1,2, Tang Guangming1, Pei Qingqi3, Zhang Yuchen1, Liu Xiaohu1   

  1. 1(Zhengzhou Information Science and Technology Institute, Zhengzhou 450001); 2(Electronic Technology Institute of Air Force, Beijing 100195); 3(State Key Laboratory of Integrated Services Networks (Xidian University), Xi’an 710071)
  • Online: 2019-05-01

摘要: 在考虑未知攻击和内部攻击条件下,为进一步提高最优渗透路径生成效率,提出一种智能高效的最优渗透路径生成方法.首先给出双层威胁渗透图(two-layer threat penetration graphs, TLTPG)模型,其下层为主机威胁渗透图(host threat penetration graph, HTPG),其上层为网络威胁渗透图(network threat penetration graph, NTPG);然后,基于知识图谱,构建主机资源知识图谱(host resource knowledge graph, HRKG),用于智能高效推理生成HTPG;进一步,利用HTPG,设计智能化的基于渗透信息交换的NTPG生成算法;最后依据TLTPG,设计任意2个主机间的最优渗透路径生成算法.实验结果表明:该方法能够描述未知攻击和内部攻击,且可提高最优渗透路径的生成效率.

关键词: 最优渗透路径生成, 智能高效, 双层威胁渗透图, 知识图谱, 渗透信息交换

Abstract: Considering the insider and unknown attack, to further improve the efficiency, an intelligent-efficient method for generating the optimal penetration path is put forward. Firstly, we define the two-layer threat penetration graph(TLTPG), where the lower layer is called host threat penetration graph(HTPG) and the upper layer is called network threat penetration graph(NTPG). Then, based on knowledge graph, we build the host resource knowledge graph(HRKG), which is used to generate the HTPG intelligently and efficiently. Further, utilizating the HTPG, we design the NTPG generation algorithm based on penetration information exchange. Finaly, we describe the algorithm of optimal penetration path generation by using the TLTPG. Experimental results show that the proposed method can improve the efficiency of generating the optimal penetration path under the condition that the insider and unknown attack are considered.

Key words: generating the optimal penetration path, intelligent-efficient, two-layer threat penetration graph, knowledge graph, penetration information exchange

中图分类号: