Attack Graph Generation Algorithm for Large-Scale Network System

Ye Yun; Xu Xishan; Qi Zhichang; Wu Xueyang

Journal of Computer Research and Development > 2013 > 50(10): 2133-2139.

Ye Yun, Xu Xishan, Qi Zhichang, Wu Xueyang. Attack Graph Generation Algorithm for Large-Scale Network System[J]. Journal of Computer Research and Development, 2013, 50(10): 2133-2139.

Citation:

Ye Yun, Xu Xishan, Qi Zhichang, Wu Xueyang. Attack Graph Generation Algorithm for Large-Scale Network System[J]. Journal of Computer Research and Development, 2013, 50(10): 2133-2139.

Citation:

Ye Yun, Xu Xishan, Qi Zhichang, Wu Xueyang. Attack Graph Generation Algorithm for Large-Scale Network System[J]. Journal of Computer Research and Development, 2013, 50(10): 2133-2139.

PDF (1013 KB)

Attack Graph Generation Algorithm for Large-Scale Network System

1(PLA Unit 78046, Chengdu 610031) 2(College of Computer, National University of Defense Technology, Changsha 410073)

More Information

Published Date: October 14, 2013

Graphical Abstract

Abstract

Abstract

At present, with the rapid development of computer technology and network communication technology, the network security becomes more and more serious. An attacker can often infiltrate a seemingly well-guarded network system to promulgate threats using multi-step attacks by exploiting sequences of related vulnerabilities. And fortunately, the attack graphs are able to reveal such potential threats by enumerating all possible sequences of atomic attacks. Aiming at the problems that it is difficult to generate attack graphs for large network system, a scalable approach is proposed to generate the full attack graphs based on the in-depth analysis of the models' features of the network environment and the limitation of previous algorithms. Firstly, a novel modeling language AGML (Attack Graphs Modeling Language) is proposed, which describes the attack patterns and initial scenario. Secondly, a scalable approach is put forward to generate full attack graphs through the technologies of creating index for the attributes and instantiating attack patterns. Furthermore, the algorithm has been tested on simulated networks. The experimental result shows the approach could be applied to large-scale networks.
- network security,
- vulnerability,
- attack graph,
- attack pattern,
- attack graph automated generation

FullText(HTML)

References (0)

[1]	Lang Xuancong, Li Chunsheng, Liu Yong, Wang Mei. Regret Bounds for Online Pairwise Learning with Non-Convex Loss Functions Using Stability Analysis[J]. Journal of Computer Research and Development, 2023, 60(12): 2806-2813. DOI: 10.7544/issn1000-1239.202220221
[2]	Ma Haiyan, Liang Yongquan, Ji Shujuan, Li Da. A Trust-Distrust Based Reputation Attacks Defending Strategy and Its Stability Analysis[J]. Journal of Computer Research and Development, 2018, 55(12): 2685-2702. DOI: 10.7544/issn1000-1239.2018.20170587
[3]	Wei Shanshan, Xie Wei, He Zhiqiang. Digital Video Stabilization Techniques: A Survey[J]. Journal of Computer Research and Development, 2017, 54(9): 2044-2058. DOI: 10.7544/issn1000-1239.2017.20160078
[4]	Lin Fei, Sun Yong, Ding Hong, Ren Yizhi. Self Stabilizing Distributed Transactional Memory Model and Algorithms[J]. Journal of Computer Research and Development, 2014, 51(9): 2046-2057. DOI: 10.7544/issn1000-1239.2014.20130058
[5]	Huo Lin, Li Deshun, and Tan Yinglu. Algorithms of Spanning Tree Based on the Stability Probability and Contribution Link of Nodes for Application Layer Multicast[J]. Journal of Computer Research and Development, 2012, 49(12): 2559-2567.
[6]	Wang Bo, Huang Jiuming, Jia Yan, and Yang Shuqiang. Research on a Common Feature Selection Method for Multiple Supervised Models[J]. Journal of Computer Research and Development, 2010, 47(9): 1548-1557.
[7]	Zhang Zhong and Li Chuandong. Asymptotical Stability Analysis for Recurrent Neural Networks with Time-Varying Delays[J]. Journal of Computer Research and Development, 2007, 44(6): 973-979.
[8]	Wu Zhendong and Li Shanping. A Topology Control Algorithm Based on Link Reliability and Multi-Path for Sensor Networks[J]. Journal of Computer Research and Development, 2007, 44(2): 216-222.
[9]	Wang Sichun, Zhang Taishan, Yin Zhiyun, Zhang Chuwen. Stability Analysis of Multiobjective Decision Functions Based on GP 【removal】[J]. Journal of Computer Research and Development, 2005, 42(8): 1318-1323.
[10]	Yang Hongyong, Kong Xiangxin, Zhang Fuzeng. Stability of an AQM Control Algorithm with Communication Delays[J]. Journal of Computer Research and Development, 2005, 42(7): 1123-1127.