| 基于系统漏洞的攻击场景构建 |
| |
| 引用本文: | 孙雷,姜淑娟,曾英佩,郭山清.基于系统漏洞的攻击场景构建[J].计算机工程,2007,33(20):150-152. |
| |
| 作者姓名: | 孙雷 姜淑娟 曾英佩 郭山清 |
| |
| 作者单位: | 1. 中国矿业大学计算机科学与技术学院,徐州,221008
2. 南京大学软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093 |
| |
| 基金项目: | 中国矿业大学校科研和教改项目 |
| |
| 摘 要: | 在分析基于攻击前提和后果关联方法的基础上,提出了一种基于系统漏洞和报警相关度的攻击场景构建方法。它不仅能够利用系统漏洞信息验证报警的可靠性,排除误报,而且能够通过报警之间的相关度关联多跳攻击过程。实验结果表明,此方法能够有效地减少误报和漏报,从而有助于构建更加真实完整的攻击场景。
|
| 关 键 词: | 漏洞 相关度 攻击场景 |
| 文章编号: | 1000-3428(2007)20-0150-03 |
| 修稿时间: | 2006年10月19 |
Attack Scenarios Construction Based on System Vulnerabilities |
| |
| SUN Lei,JIANG Shu-juan,ZENG Ying-pei,GUO Shan-qing.Attack Scenarios Construction Based on System Vulnerabilities[J].Computer Engineering,2007,33(20):150-152. |
| |
| Authors: | SUN Lei JIANG Shu-juan ZENG Ying-pei GUO Shan-qing |
| |
| Affiliation: | (1. School of Computer Science and Technology, China University of Mining and Technology, Xuzhou 221008; 2. State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093; 3. Department of Computer Science and Technology, Nanjing University, Nanjing 210093) |
| |
| Abstract: | The paper analyzes the method that correlates alerts on the basis of prerequisites and consequences.Then it proposes a method for constructing attack scenarios based on system vulnerabilities and alert relativity.It not only can validate the reliability of alerts through system vulnerabilities,remove false positives,but also can correlate attacks including many steps through alert relativity.The experiment results have demonstrated that the proposed approach can decrease false positives and false negatives effectively.It can help to construct more authentic and integrated attack scenarios. |
| |
| Keywords: | vulnerability relativity attack scenarios |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
|
