Recognizing Intrusive Intention and Assessing Threat Based on Attack Path Analysis
Intention recognition is the ability to predict an opposing forces high level goals. Knowing an attackers intention can support the decision-making of the network security administrators. Threat assessment based on intention analysis is an important part of network security situation awareness. So how to recognize attack intention and assess threat has become a research hot in network security domain recently. In this paper attack path graph generation algorithms at a different granularity is presented at first. Then the methods of intrusive intention recognition and threat assessment based on attack path analysis are proposed. Next in order to block an attackers intention to be achieved, the way to provide protective measures at minimum cost based on minimum vertex cut theory is addressed. Finally several experiments are done in a local network, and the results of the experiments prove the feasibility and validity of this method.
intention recognition attack path graph minimum cut set
Peng Wu Yao Shuping Chen Junhua
School of Mechanics and Electronics Beijing Institute of Technology Beijing, China School of Computer Science Beijing Institute of Technology Beijing, China
国际会议
武汉
英文
1132-1135
2009-11-18(万方平台首次上网日期,不代表论文的发表时间)