Research on attack intention recognition based on graphical model
Intention recognition is the ability to predict an opposing forces high level goals. Knowing an attackers intention can support the decision-making of the network security administrators. Furthermore Intent analysis plays an import role in the calculation of the inherent threat value. So how to recognize attack intention has become a research hot in network security domain recently.In this paper taxonomy of attack intention characterized by consequences of attack and targets of attack is introduced at first. Then a graphical model based on network security state is presented and used to recognize attack intention. D-S evidence theory is also introduced to deal with the uncertainty in the process of intent inference. Next algorithms of intention recognition and threat assessment are given in detail in order to offer a way to assess the network security situation. Finally several experiments are done in a local network. The results of the experiments prove the feasibility and validity of this method.
network security intention recognition graphical model
Peng Wu Wang Zhigang Chen Junhua
Lab for Computer Network Defense Technology Beijing Institute of Technology Beijing,China School of Computer Science Beijing Institute of Technology Beijing,China
国际会议
The Fifth International Conference on Information Assurance and Security(第五届信息保障与安全国际会议)
西安
英文
360-363
2009-08-18(万方平台首次上网日期,不代表论文的发表时间)