A method for establishing the attack group model by means of the relationship graph of various attacks has been proposed. Under the constraints of time characteristics as well as the causality relation it can determine the attack sequence and reconstruct the attack sequence of the cooperative intrusion. Beside, make a timely response without considering the ratio of damage cost and response cost of the individual attack,so as to achieve the maximal reduction of the response cost.%本文提出了一种通过关系图建立攻击群模型的方法,在时间特征及因果关系的约束条件下,判断攻击序列,重构协同入侵行为的攻击过程,在无须考虑攻击群中个体的响应成本与损失成本的比例的情况下,及时对攻击行为做出响应,从而达到最大程度地减少响应成本的目的.
展开▼