A Network Security Analysis Model Based on the Increase in Attack Ability

Zhang Haixia, Su Purui, and Feng Dengguo

Journal of Computer Research and Development > 2007 > 44(12): 2012-2019.

Zhang Haixia, Su Purui, and Feng Dengguo. A Network Security Analysis Model Based on the Increase in Attack Ability[J]. Journal of Computer Research and Development, 2007, 44(12): 2012-2019.

Citation:

Zhang Haixia, Su Purui, and Feng Dengguo. A Network Security Analysis Model Based on the Increase in Attack Ability[J]. Journal of Computer Research and Development, 2007, 44(12): 2012-2019.

Citation:

Zhang Haixia, Su Purui, and Feng Dengguo. A Network Security Analysis Model Based on the Increase in Attack Ability[J]. Journal of Computer Research and Development, 2007, 44(12): 2012-2019.

PDF (504 KB)

A Network Security Analysis Model Based on the Increase in Attack Ability

Zhang Haixia, Su Purui, and Feng Dengguo

(State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100080)

More Information

Published Date: December 14, 2007

Graphical Abstract

Abstract

Abstract

In recent years, network vulnerability analysis, which is attracting more and more domestic researchers and foreign researchers, has become a hotspot in the field of information security. A new model of network security analysis based on the increase in attack ability is proposed. It takes into account the network environment and simulates the attacker's behavior, and considers improving the attack ability as attacker's ultimate target to generate attack graph. The method used to represent attack graph make the attack target more clear, because it uses the attack ability's increment to describe a goal, which is more accurate than the attack ability itself. The minimum attack cost analysis considers the influence of similar attacks to compute the cost of each path for the first time, which conforms to the actual process of attack execution. The minimum environment change analysis can help people find out which attack path is most likely to be adopted by the attacker, which deals with IDS in a more reasonable way. These two analysis methods are helpful for improving the network configuration. The algorithm of attack graph generation and the method to analyze the attack graph proposed by the network security analysis model is more feasible than the existing ones.
- network security,
- network security analysis,
- attack model,
- attack graph,
- attack ability

FullText(HTML)

References (0)

[1]	Guo Yuhan, Zhang Yu, Shen Xueli, Yu Junyu. Multi-Strategy Solution Space Graph Search Algorithm of Real-Time Ride-Sharing Problem[J]. Journal of Computer Research and Development, 2020, 57(6): 1269-1283. DOI: 10.7544/issn1000-1239.2020.20190484
[2]	Sun Qian, Xue Leiqi, Gao Ling, Wang Hai, Wang Yuxiang. Selection of Network Defense Strategies Based on Stochastic Game and Tabu Search[J]. Journal of Computer Research and Development, 2020, 57(4): 767-777. DOI: 10.7544/issn1000-1239.2020.20190870
[3]	Shen Yijie, Zeng Dan, Xiong Jin. A Benefit Model Based Data Reuse Mechanism for Spark SQL[J]. Journal of Computer Research and Development, 2020, 57(2): 318-332. DOI: 10.7544/issn1000-1239.2020.20190563
[4]	Wang Ye, Li Qingbao, Zeng Guangyu, Chen Zhifeng. A Code Reuse Attack Protection Technique Based on Code Anti-Leakage[J]. Journal of Computer Research and Development, 2016, 53(10): 2277-2287. DOI: 10.7544/issn1000-1239.2016.20160423
[5]	Xie Heng, Wang Mei, Le Jiajin, Sun Li. Calculation Results Characteristics Extract and Reuse Strategy Based on Hive[J]. Journal of Computer Research and Development, 2015, 52(9): 2014-2024. DOI: 10.7544/issn1000-1239.2015.20140548
[6]	Jin Wenbing, Shi Feng, Zuo Qi, Zhang Yang. Study of Ahead Branch Prediction Architecture and Algorithm[J]. Journal of Computer Research and Development, 2013, 50(10): 2228-2238.
[7]	Lin Junmin, Wang Wei, Qiao Lin, and Tang Zhizhong. A Cache Replacement Policy Based on Reuse Distance Prediction and Stream Detection[J]. Journal of Computer Research and Development, 2012, 49(5): 1049-1060.
[8]	Zhang Qi, Wang Mei, Le Jiajin, Liu Guohua. Scheduling Algorithm for the Reuse Buffers in Column-Store Data Warehouse Query Execution[J]. Journal of Computer Research and Development, 2011, 48(10): 1942-1950.
[9]	Luo Shutong, Pei Zhili, Zhang Changhai, Jin Ying. A of Feature Reuse Method at Requirement Level Based on Aspect Encapsulation[J]. Journal of Computer Research and Development, 2011, 48(9): 1714-1721.
[10]	Song Shijie, Hu Huaping, Zhou Jiawei, and Jin Shiyao. A Sequential Pattern Mining Algorithm Based on Large-Itemset Reuse[J]. Journal of Computer Research and Development, 2006, 43(1): 68-74.