摘要: |
攻击树是一种网络攻击形式化描述和建模工具,具有结构化、可重用等优点。通过分析攻击树在实际应用中 的缺陷,提出了攻击树新的建立规则,并引入了时间序列和概率的概念,从而更加准确地实现了攻击模式的形式化 表示。应用改进后的攻击树描述了一个WEB攻击,结果表明该形式化方法具有很好的实用性和有效性。 |
关键词: 攻击模式 攻击树 形式化 WEB攻击 网络 |
DOI: |
分类号: |
基金项目: |
|
Formulization of network attack pattern based on improved attack tree |
DUAN You-xiang1,WANG Hai-feng2
|
(1. College of Computer & Communication Engineering in China University of Petroleum,Dongying 257061,Shandong Province, China;2. Department of Information in Shandong Linyi Normal College, linyi 276002,Shandong Province, China)
|
Abstract: |
As a mean for describing network attack pattern and modeling, attack tree is characterized by structure and reutilization. The disadvantages of the attack tree in application were analyzed. A new establishment rule for the attack tree was presented by introducing time-order and probability. It can increase the exactness of the methodology. The improved attack tree was used to describe WEB attack. The results show that the methodology is effective. |
Key words: attack pattern attack tree formulization WEB attack network |