원문정보
초록
영어
Security analysis and attack-defense modeling are effective method to identify the vulnerabilities of information systems for proactive defense. The attack graph model reflects only attack actions and system state changes, without considering the perspective of the defenders. To assess the network information system and comprehensively show attack and defense strategies and theirs cost, a defense graph model is proposed. Compared with the attack graph, the model makes some improvements. Defense graph will be mapped to the attack and defense game model, in order to provide a basis for active defense policy decision. What’s more, a generation algorithm of defense graph is proposed. A representative example is provided to illustrate our models and generation algorithm.
목차
1. Introduction
2. Defense Graph Model
2.1 Defense Graph Model Definition
2.2 Generation of Defense Graph
3 Algorithm Descriptions
4. Experimental Analysis and Results
4.1 Connection Information
4.2 Offensive and Defensive Template Rule Construction
4.3. Defense Graph Generation
5. Conclusion
References