Abstract
Existing vulnerability analysis methods struggle to assess both the overall security of a target system and the severity of its individual vulnerabilities, while the assessment process must also handle a large amount of uncertain information. To address this, a hierarchical threat-degree analysis method, HTV, is proposed. First, by analysing the correlation between atomic attacks and attack evidence, a causal relationship detection algorithm, CRDA, is proposed to determine the causal relationship between the two. Second, based on the system architecture of the attack model, a definition of the Bayesian attack graph (BAG) is given together with a corresponding generation algorithm, BAGA, so that vulnerabilities can be identified promptly and effectively. Finally, a definition and a calculation model of vulnerability threat degree are given, and, taking the privilege an attacker obtains from a vulnerability as the benchmark, the threat degree is divided into different levels so as to effectively assess the severity of vulnerabilities and the overall security of the target system. Experimental results show that the proposed method is fully feasible and effective for assessing the overall security of a system and the severity of its vulnerabilities.
Existing vulnerability analysis approaches find it hard to assess both the overall security of target systems and the severity of their vulnerabilities; meanwhile, the assessment process has to deal with a great deal of uncertain information. Therefore, we propose HTV, a method based on hierarchical threat degree. First, by analysing the correlation between atomic attacks and attack evidence, we present a causation detection algorithm named CRDA to determine the causation between them. Then, based on the system architecture of the attack model, we give the definition of the Bayesian attack graph (BAG) and propose its corresponding generation algorithm, BAGA, to identify vulnerabilities in a timely and effective manner. Finally, we present the definition of vulnerability threat degree and its calculation model, and divide the threat degree into different levels according to the benchmark of the privilege the attacker obtains from a vulnerability, so as to effectively assess the severity of vulnerabilities and the overall security of the target systems. Experimental results show that the proposed method is fully feasible and effective in evaluating both the overall security of target systems and the severity of their vulnerabilities.
Source
Computer Applications and Software (《计算机应用与软件》), CSCD-indexed
2016, No. 7, pp. 287-293 (7 pages)
Funding
National Natural Science Foundation of China (61300216)
Doctoral Fund of the Ministry of Education of China (20124116120004)
Key Science and Technology Research Project of the Education Department of Henan Province (13A510325)
Keywords
Bayesian attack graph
Attack model
Causation
Threat degree of vulnerability