A Dynamic Network Risk Assessment Model Based on Attacker’s Inclination

Ma Chunguang; Wang Chenghong; Zhang Donghong; Li Yingtao

doi:10.7544/issn1000-1239.2015.20140177

Journal of Computer Research and Development > 2015 > 52(9): 2056-2068. > DOI: 10.7544/issn1000-1239.2015.20140177 CSTR: 32373.14.issn1000-1239.2015.20140177

Ma Chunguang, Wang Chenghong, Zhang Donghong, Li Yingtao. A Dynamic Network Risk Assessment Model Based on Attacker’s Inclination[J]. Journal of Computer Research and Development, 2015, 52(9): 2056-2068. DOI: 10.7544/issn1000-1239.2015.20140177

Citation:

PDF (3641 KB)

A Dynamic Network Risk Assessment Model Based on Attacker’s Inclination

(College of Computer Science and Technology, Harbin Engineering University, Harbin 150001)

More Information

Published Date: August 31, 2015

Graphical Abstract

Abstract

Abstract

This article proposes a new dynamic network risk analysis model based on attackers’ inclination in order to solve some problems of the traditional risk analysis method based on attack graph. Traditional attack graph based on risk assessment method relies highly on the known vulnerability database and only analyzes the atomic attacks’ attribute regardless of the relationship between attack strategies and attackers’ inclination. In our model we take both the existing vulnerabilities and unknown threatens into consideration, then evaluate the attackers pressures during different attack periods so that we quantize the attackers’ inclination dynamically under the network environment. Then, we add the attackers’ inclination factors and atomic attack attributes into graph based risk assessment model, and we create a new type of attack graph using attackers’ inclination factors. Finally we set up a dynamic risk assessment method by using Bayesian reasoning engine. We convert our static attack to the dynamic Bayesian attack graph, and use the posterior probability computed by Bayesian reasoning engine to realize the dynamic risk assessment. We establish a real-world experiment environment to simulate our dynamic risk assessment model based on attackers’ inclination and validate its function. Experimental results demonstrate the rationality of this model, and prove that this system is more suitable for real-time risk assignment under the actual network environment.
- Bayesian attack graph,
- attack pressure,
- attacker’s inclination,
- potential threats,
- risk assessment

FullText(HTML)

References (0)

[1]	Zeng Biqing, Zeng Feng, Han Xuli, Shang Qi. Aspect Extraction Model Based on Interactive Feature Representation[J]. Journal of Computer Research and Development, 2021, 58(1): 224-232. DOI: 10.7544/issn1000-1239.2021.20190305
[2]	Wang Xin, Wang Ying, Zuo Wanli. Exploring Interactional Opinions and Status Theory for Predicting Links in Signed Network[J]. Journal of Computer Research and Development, 2016, 53(4): 764-775. DOI: 10.7544/issn1000-1239.2016.20151079
[3]	Zhu Jun, Guo Changguo, Wu Quanyuan. A Web Services Interaction Behavior-Environment Model Based on Generalized Stochastic Petri Nets[J]. Journal of Computer Research and Development, 2012, 49(11): 2450-2463.
[4]	Zhu Jun, Guo Changguo, Wu Quanyuan. A Runtime Monitoring Web Services Interaction Behaviors Method Based on CPN[J]. Journal of Computer Research and Development, 2011, 48(12): 2277-2289.
[5]	Zhu Yingjie, Li Chunpeng, Ma Wanli, Xia Shihong, Zhang Tielin, Wang Zhaoqi. Interaction Feature Modeling of Virtual Object in Immersive Virtual Assembly[J]. Journal of Computer Research and Development, 2011, 48(7): 1298-1306.
[6]	Lu Difei, Ren Wenhua, Li Guojun, and Si Jin. Example Based 3D Animation Creating Interactively[J]. Journal of Computer Research and Development, 2010, 47(1): 62-71.
[7]	Tong Xiangrong, Huang Houkuan, Zhang Wei. Prediction and Abnormal Behavior Detection of Agent Dynamic Interaction Trust[J]. Journal of Computer Research and Development, 2009, 46(8): 1364-1370.
[8]	Wu Lingda, Gao Yu, and Wei Yingmei. A Survey of Interactive Rendering of Large-Scale and Complex Scenes[J]. Journal of Computer Research and Development, 2007, 44(9): 1579-1587.
[9]	Wang Xiaochun, Tian Feng, Qin Yanyan, and Dai Guozhong. UPIM: A User-Centered Pen-Based Interactive System[J]. Journal of Computer Research and Development, 2006, 43(8): 1337-1344.
[10]	Liu Wei, ChunTung Chou, Cheng Wenqing, Du Xu. Proxy Caching for Interactive Streaming Media[J]. Journal of Computer Research and Development, 2006, 43(4): 594-600.