원문정보
초록
영어
Attack intention recognition is to reason and judge the goal of attackers according to attack behavior and network environment. In order to deal with the dynamical character of offense-defense confrontation, a dynamical real-time network attack intention recognition algorithm was proposed. By correlating real-time security alerts and vulnerabilities, we recognized the spread route and stage of attacks based on graph theory and probability theory. Then we identified the attack intention and predicted the possible transition of attacks, combined with network connectivity relationship. A simulation experiments for the proposed network attack intention recognition algorithm is performed by network examples. The experimental results show that the proposed method can be more accurately identify attack intention and fully predict the post stage of attacks.
목차
1. Introduction
2. Real-Time Network Attack Intention Recognition Model
2.1 Alarm Information
2.2 Security Event
2.3 Network Connectivity
2.4 Vulnerability Exploiting Relationship
2.5 Attack Intention Stage Transition Model
3. Real-Time Attack Intention Identification and Prediction
3.1 Information Fusion
3.2 Attack Scenario Clustering
3.3 Real-Time Attack Stage Recognition Algorithm
3.4 Real-Time Attack Stage Prediction Algorithm
4. Experimental Analysis
References