首页 | 本学科首页   官方微博 | 高级检索  
     

一种基于动态建链推理的网络攻击过程分析方法
引用本文:刘晶,伏飞,戴江山,肖军模. 一种基于动态建链推理的网络攻击过程分析方法[J]. 电子科技大学学报(社会科学版), 2006, 0(5)
作者姓名:刘晶  伏飞  戴江山  肖军模
作者单位:解放军理工大学通信工程学院 南京210007
基金项目:国家自然科学基金资助项目(69931040)
摘    要:提出一种动态漏洞链构造推理网络攻击过程的分析方法。以漏洞间推理关系为前提,从受害主机入手,构造有色加权有向图,在多日志中查找漏洞被利用的解释信息,并由查找结果对漏洞链动态剪枝,得到主机漏洞攻击链和攻击该受害主机的嫌疑主机,对嫌疑主机迭代分析,推理出网络漏洞攻击链。实例表明该方法能够快速有效地实现网络攻击过程分析,并且具有良好的可扩展性。

关 键 词:网络取证  攻击分析  漏洞链  安全

A Method of the Network Attack Process Analysis Based on Dynamic Linking Inference
LIU Jing,FU Fei,DAI Jiang-shan,XIAO Jun-mo. A Method of the Network Attack Process Analysis Based on Dynamic Linking Inference[J]. Journal of University of Electronic Science and Technology of China(Social Sciences Edition), 2006, 0(5)
Authors:LIU Jing  FU Fei  DAI Jiang-shan  XIAO Jun-mo
Abstract:Based on response after the attack incidents, a method of network attack process analysis by dynamic vulnerability linking is designed. The corresponding color weighted diagraph is setup in dependence on the inference relation of the security holes in the intruded machine. With the vulnerability-log relation matrix, we searched different forensic information sources are searched. The corresponding support value and the remote suspicious host are obtaind. Then the suspicious host in the same way is analyzed. The illustration indicates that this method can get the network attack process rapidly and effectively.
Keywords:network forensic  attack analysis  vulnerability  security
本文献已被 CNKI 等数据库收录!
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号