Journal of Zhejiang University (Engineering Science)  2017, Vol. 51 Issue (9): 1745-1759    DOI: 10.3785/j.issn.1008-973X.2017.09.009
Computer Technology
Defense scheme generation method using mixed path attack graph
YU Yang, XIA Chun-he, HU Xiao-yun
School of Computer Science and Engineering, Key Laboratory of Beijing Network Technology, Beijing University of Aeronautics and Astronautics, Beijing 100191, China
Abstract:

By analysing the common properties of known vulnerabilities, a formal description of vulnerabilities and their exploitation rules is given. A mixed path attack graph (MPAG) model is constructed that extends the descriptive semantics of the attack graph: the implicit attack paths produced by 0-day vulnerability exploitation and the explicit attack paths produced by known vulnerabilities are described in the same attack graph, and the risk of the 0-day vulnerability exploitation ratio is calculated. Based on the MPAG and multi-objective optimization theory, a defense scheme generation method is given that produces defense schemes balancing generation cost against risk. Experimental results show that the MPAG can describe implicit attack paths and may, at the same time, bring in known vulnerabilities that were never exploited in the traditional attack graph for the same scenario; defense schemes generated from the MPAG have better path coverage and can help the security administrator find omissions in the defense measure library.
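The two claims the abstract makes, that an MPAG can surface known vulnerabilities a known-only attack graph never reaches, and that a defense scheme built from the known-only graph covers fewer MPAG paths, are easiest to see on a small graph. The following Python is an added illustration, not the paper's model or algorithm: the six-host network, the vulnerability ids (KV-* for known, ZD-* for assumed 0-day exploitability), the exploit success probabilities and the measure costs are all constructed sample data, and a brute-force Pareto search over measure subsets stands in for the paper's multi-objective optimization.

```python
"""Toy mixed-path attack graph (MPAG) with cost/risk-balanced defense selection.

Added illustration only: the network, vulnerability ids (KV-*, ZD-*), exploit
probabilities and measure costs are constructed sample data, and the brute-force
Pareto search stands in for the paper's multi-objective optimisation.
"""
from itertools import combinations

START = "internet"   # attacker's initial foothold (constructed)
GOAL = "db"          # attacker's target host (constructed)

# Exploit rules as edges: (source, target, vuln_id, kind, success_probability).
# "known" edges form the explicit paths of a traditional attack graph; "zero_day"
# edges are the implicit paths an MPAG adds for products assumed to carry an
# unknown flaw. Ids are placeholders, not real CVE numbers.
EXPLOITS = [
    ("internet", "web",    "KV-1",      "known",    0.9),
    ("web",      "app",    "KV-2",      "known",    0.7),
    ("app",      "db",     "KV-3",      "known",    0.8),
    ("web",      "db",     "ZD-db",     "zero_day", 0.2),
    ("internet", "backup", "ZD-backup", "zero_day", 0.2),
    ("backup",   "db",     "KV-4",      "known",    0.6),
]

# Defense measure library: id -> (cost, vulnerabilities whose exploit it removes).
MEASURES = {
    "patch_KV-1":     (3, {"KV-1"}),
    "patch_KV-2":     (2, {"KV-2"}),
    "patch_KV-3":     (4, {"KV-3"}),
    "patch_KV-4":     (2, {"KV-4"}),
    "segment_web_db": (5, {"ZD-db"}),      # firewall rule removing web->db reachability
    "isolate_backup": (6, {"ZD-backup"}),  # take the backup host off the exposed segment
}


def attack_paths(exploits, start=START, goal=GOAL):
    """All simple attacker paths from start to goal, each as a tuple of vuln ids."""
    adj = {}
    for src, dst, vid, _, _ in exploits:
        adj.setdefault(src, []).append((dst, vid))
    paths = []

    def dfs(host, visited, used):
        if host == goal:
            paths.append(tuple(used))
            return
        for dst, vid in adj.get(host, []):
            if dst not in visited:
                dfs(dst, visited | {dst}, used + [vid])

    dfs(start, {start}, [])
    return sorted(paths)


def newly_exposed_known(exploits):
    """Known vulns that lie on an MPAG path but on no path of the known-only graph."""
    known_only = [e for e in exploits if e[3] == "known"]
    on_known_graph = {v for p in attack_paths(known_only) for v in p}
    kinds = {vid: kind for _, _, vid, kind, _ in exploits}
    on_mpag = {v for p in attack_paths(exploits) for v in p if kinds[v] == "known"}
    return on_mpag - on_known_graph


def path_risk(path, exploits):
    """Risk of one path: product of the per-step exploit success probabilities."""
    prob = {vid: p for _, _, vid, _, p in exploits}
    risk = 1.0
    for vid in path:
        risk *= prob[vid]
    return risk


def evaluate(chosen, exploits):
    """(cost, residual_risk, path_coverage) of a set of measure ids on the MPAG."""
    paths = attack_paths(exploits)
    blocked = set()
    for m in chosen:
        blocked |= MEASURES[m][1]
    open_paths = [p for p in paths if not any(v in blocked for v in p)]
    cost = sum(MEASURES[m][0] for m in chosen)
    risk = round(sum(path_risk(p, exploits) for p in open_paths), 4)
    coverage = round(1 - len(open_paths) / len(paths), 4)
    return cost, risk, coverage


def pareto_front(exploits):
    """Brute-force every measure subset; keep those no other subset dominates on (cost, risk)."""
    names = sorted(MEASURES)
    points = []
    for k in range(len(names) + 1):
        for subset in combinations(names, k):
            cost, risk, _ = evaluate(subset, exploits)
            points.append((cost, risk, frozenset(subset)))
    front = [c for c in points
             if not any(o[0] <= c[0] and o[1] <= c[1] and (o[0] < c[0] or o[1] < c[1])
                        for o in points)]
    return sorted(front, key=lambda t: (t[0], t[1]))


if __name__ == "__main__":
    print("MPAG paths:", attack_paths(EXPLOITS))
    print("known vulns only the MPAG reaches:", newly_exposed_known(EXPLOITS))
    # A scheme built from the known-only graph: patching KV-2 cuts its single path.
    print("known-only scheme judged on the MPAG:", evaluate(["patch_KV-2"], EXPLOITS))
    for cost, risk, subset in pareto_front(EXPLOITS):
        print(f"cost={cost} risk={risk} measures={sorted(subset)}")
```

On this data the known-only graph has a single path (KV-1, KV-2, KV-3), so patching KV-2 is a complete scheme there; judged on the MPAG it covers one of three paths and leaves KV-4 unpatched because no measure for it was ever needed, which is the kind of measure-library omission the abstract refers to. The Pareto front then lets the administrator pick a cost/risk trade-off rather than a single answer.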

Received: 2016-11-02    Published: 2017-08-25
CLC: TP393
Funding:

National Natural Science Foundation of China (U1636208).

Corresponding author: XIA Chun-he, male, professor. orcid.org/0000-0003-4424-8449.     E-mail: xch@buaa.edu.cn
About the author: YU Yang (born 1985), male, PhD candidate, researching network security and trust evaluation. orcid.org/0000-0003-3639-9271. E-mail: kiko441500@cse.buaa.edu.cn

Cite this article:

YU Yang, XIA Chun-he, HU Xiao-yun. Defense scheme generation method using mixed path attack graph. Journal of Zhejiang University (Engineering Science), 2017, 51(9): 1745-1759.

Link to this article:

http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2017.09.009        http://www.zjujournals.com/eng/CN/Y2017/V51/I9/1745

