【打印本页】      【下载PDF全文】   查看/发表评论  下载PDF阅读器  关闭
←前一篇|后一篇→ 过刊浏览    高级检索
本文已被:浏览 5510次   下载 5407 本文二维码信息
码上扫一扫!
基于多启发式信息融合的攻击路径发现算法研究
胡泰然,臧艺超,曹蓉蓉,王清贤,王晓凡
分享到: 微信 更多
(数学工程与先进计算国家重点实验室 郑州 中国 450001;国防大学政治学院 上海 中国 200433)
摘要:
攻击路径发现对于提高信息系统安全具有重要意义,传统攻击路径发现技术存在考虑因素有限以及可扩展性不高的问题,导致其在网络攻击复杂化和网络规模扩大化的趋势下应用价值有限。针对该问题,本文提出一种基于多启发式信息融合的攻击路径发现算法,该算法结合攻击路径发现背景知识,将漏洞威胁程度,漏洞成功率以及主机资产作为启发式函数计算依据引导攻击路径搜索,达到减少搜索范围、提高路径可用性的目的;并且基于SMHA*(Share Multi-Heuristic A*,SMHA*)框架实现多种启发式信息融合,共同引导攻击路径搜索。通过与现有规划算法进行对比实验,验证了本算法能够更加灵活而全面地考虑攻击路径发现中的现实因素,且规划效率也能够满足实际需求,能够有效提高规划结果的可行性以及应用价值。
关键词:  攻击路径发现  启发式搜索  信息融合  Shared Multi-Heuristic A*
DOI:10.19363/J.cnki.cn10-1380/tn.2021.05.13
投稿时间:2020-06-23修订日期:2020-09-21
基金项目:
Research on Attack Path Discovery Algorithm Based on Multi-Heuristic Information Fusion
HU Tairan,ZANG Yichao,CAO Rongrong,WANG Qingxian,WANG Xiaofan
State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China;Political College of National Defense University, Shanghai 200433, China
Abstract:
Research on attack path discovery is of great significance for improving information system security, but traditional attack path discovery technology has few concerning factors and low scalability, which leads to its limited application value under the trend of network attack complexity and network scale expansion. To tackle this problem, this paper proposes an attack path discovery algorithm based on multi-heuristic information fusion. This algorithm combines the domain knowledge of cybersecurity, taking in the vulnerability threat degree, vulnerability success rate, and host assets level as heuristic functions, to reduce the problem complexity and improve the path availability. Moreover, with the SMHA* (Share Multi-Heuristic A *, SMHA*) framework, a variety of heuristic information is combined to jointly guide the attack path search. Through the comparison with the existing planning algorithms, it is verified that this algorithm can consider more realistic factors in attack path discovery more flexibly and comprehensively, and the planning efficiency can also meet the actual requirements, making attack path discovery more feasible and of great application value.
Key words:  attack path discovery  heuristic search  information fusion  Shared Multi-Heuristic A*