Approach to attack path generation based on vulnerability correlation

机译：基于漏洞相关性的攻击路径生成方法

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Network attack path analysis is an important method for analyzing the security status of computer network, which can automatically analyze the correlation between network vulnerabilities and potential threats resulting from vulnerabilities. It plays a guiding role in establishing network security policy. This paper chooses NVD and Bugtraq as vulnerability data sources, and extracts key properties required to build a vulnerability database that mainly contains privilege escalation vulnerabilities in Linux system and common server software. An association analysis of vulnerabilities and related information is made and properties are abstracted to construct atomic attacks and corresponding atomic attack database. A network attack model is constructed from network connection and host configuration. Via matching atomic attacks in attack database, the paper adopts state comparison algorithm to mine potential attack paths that may lead to specified attack goals. The experiment verifies that the proposed approach can reduce the number of attack states effectively and mine all non-redundant attack paths.

机译：网络攻击路径分析是分析计算机网络安全状态的重要方法，它可以自动分析网络漏洞之间的相关性和漏洞产生的潜在威胁。它在建立网络安全策略方面发挥了指导作用。本文将NVD和BugtraQ选择为漏洞数据源，并提取构建漏洞数据库所需的关键属性，该数据库主要包含Linux系统和公共服务器软件中的特权升级漏洞。对漏洞和相关信息的关联分析，抽象属性以构建原子攻击和相应的原子攻击数据库。网络攻击模型由网络连接和主机配置构建。通过匹配的攻击数据库中的原子攻击，纸张采用状态比较算法来挖掘可能导致指定攻击目标的潜在攻击路径。实验验证了所提出的方法可以有效地降低攻击状态的数量，并挖掘所有非冗余攻击路径。

著录项

来源
《IEEE International Conference on Computer-Aided Industrial Design Conceptual Design》|2014年||共6页
会议地点
作者
Yu Xiaohong; Jiang Jianhui; Shuai Chunyan;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类计算技术、计算机技术;
关键词
atomic attack; attack path generation; network attack; network vulnerability; vulnerability correlation;

机译：原子攻击;攻击道路生成;网络攻击;网络漏洞;漏洞相关性;

相似文献

外文文献
中文文献
专利

1. An automated black box approach for web vulnerability identification and attack scenario generation [J] . Rim Akrout, Eric Alata, Mohamed Kaaniche, Brazilian Computer Society. Journal . 2014,第1期

机译：用于网络漏洞识别和攻击场景生成的自动黑匣子方法
2. An automated black box approach for web vulnerability identification and attack scenario generation [J] . Rim Akrout, Eric Alata, Mohamed Kaaniche, Brazilian Computer Society. Journal . 2014,第1期

机译：用于Web漏洞识别和攻击情景生成的自动黑匣子方法
3. NETWORK ATTACK PATH PREDICTION BASED ON VULNERABILITY DATA AND KNOWLEDGE GRAPH [J] . YIFAN WANG, ZHI SUN, YE HAN International Journal of Innovative Computing Information and Control . 2021,第5期

机译：基于漏洞数据和知识图形的网络攻击路径预测
4. Approach to attack path generation based on vulnerability correlation [C] . Yu Xiaohong, Jiang Jianhui, Shuai Chunyan IEEE International Conference on Computer-Aided Industrial Design Conceptual Design . 2014

机译：基于漏洞相关性的攻击路径生成方法
5. Software security economics and Threat Modeling Based on Attack Path Analysis; a stakeholder value driven approach [D] . Chen, Yue 2007

机译：基于攻击路径分析的软件安全经济学和威胁建模；利益相关者价值驱动的方法
6. An Analysis of China’s Onshore and Offshore Exchange Rates—Adjusted Thermal Optimal Path Approach Based on Pruning and Path Segmentation [O] . Dawen Yan, Kin Keung Lai 2019

机译：基于修剪和路径分割的中国陆上和海上汇率调整后热优化路径方法分析
7. EEG Signal Discrimination using Non-linear Dynamics in the EMD Domain S. M. Shafiul Alam,S. M. Shafiul Alam,Aurangozeb, and Syed TarekShahriar Abstract—An EMD-chaos based approach is proposed todiscriminate EEG signals corresponding to healthy persons,and epileptic patients during seizure-free intervals and seizureattacks. An electroencephalogram (EEG) is first empiricallydecomposed to intrinsic mode functions (IMFs). The nonlineardynamics of these IMFs are quantified in terms of the largestLyapunov exponent (LLE) and correlation dimension (CD).This chaotic analysis in EMD domain is applied to a large groupof EEG signals corresponding to healthy persons as well asepileptic patients (both with and without seizure attacks). It isshown that the values of the obtained LLE and CD exhibitfeatures by which EEG for seizure attacks can be clearlydistinguished from other EEG signals in the EMD domain.Thus, the proposed approach may aid researchers in developingeffective techniques to predict seizure activities. Index Terms—Electroencephalogram (EEG), empiricalmode decomposition (EMD), largest Lyapunov exponent (LLE),correlation dimension (CD), epileptic seizures. The Authors are with the Electrical and Electronic EngineeringDepartment, Bangladesh University of Engineering and Technology,Dhaka-1000, Bangladesh (e-mail: imamul@eee.buet.ac.bd) PDF Cite: S. M. Shafiul Alam,S. M. Shafiul Alam,Aurangozeb, and Syed Tarek Shahriar, "EEG Signal Discrimination using Non-linear Dynamics in the EMD Domain," International Journal of Computer and Electrical Engineering vol. 4, no. 3, pp. 326-330, 2012. PREVIOUS PAPER Perception of Emotions Using Constructive Learningthrough Speech NEXT PAPER Physical Layer Impairments Aware OVPN Connection Selection Mechanisms Copyright © 2008-2013. International Association of Computer Science and Information Technology Press (IACSIT Press) [O] . S. M. Shafiul Alam, Syed TarekShahriar 2012

机译：EEG信号在EMD域S. S. Shafiul Alam，S中的非线性动力学使用非线性动力学。 M. Shafiul Alam，Aurangozeb和Syed Tarekshahriar摘要 - 基于EMD Chaos的方法，提出了对应于健康人的EEG信号，癫痫发作期间的癫痫患者和Seizureattacks。脑电图（EEG）首先被凭经上分解为内在模式功能（IMF）。这些IMF的非线性动力学在最大范围的指数（LLE）和相关尺寸（CD）方面是量化的。本域中的混沌分析应用于与健康人相对应的大型脑电图（Asepileptic患者）（两者都有癫痫发作）。因此，所获得的LLE和CD表展的价值可以从EMD领域的其他EEG信号中清晰地区分脑电图的表达展示。本拟议的方法可以帮助研究人员以预测癫痫发作的癫痫发作技术。索引术语 - 脑电图（EEG），仿真态分解（EMD），最大的Lyapunov指数（LLE），相关维度（CD），癫痫发作。作者与电气电子和电子工程公司，孟加拉国工程和技术大学，孟加拉国达卡 - 1000（电子邮件：imamul@eee.buet.ac.bd）pdf cite：s. m. shafiul Alam，s。 M. Shafiul Alam，Aurangozeb和Syed Tarek Shahriar，“EEG信号歧视在EMD领域的非线性动态，”计算机电气工程卷国际杂志。 4，不。 3，pp。326-330,2012，上一篇论文对情绪的看法，使用建设性的学习言论下一篇论文物理层障碍意识到OVPN连接选择机制版权所有©2008-2013。国际计算机科学与信息技术协会出版社（IACSIT Press）
8. Mapping Attack Paths in Black-Box Networks Through Passive Vulnerability Inference. [R] . Ghosh, A., Noel, S., Jajodia, S. 2011

机译：通过被动漏洞推理映射黑盒网络中的攻击路径。

Approach to attack path generation based on vulnerability correlation

摘要

著录项

相似文献

相关主题

期刊订阅