Optimal method for the generation of the attack path based on the Q-learning decision

被引：0

作者：

Li T. ^{[1
]}

Cao S. ^{[1
]}

Yin S. ^{[1
]}

Wei D. ^{[1
]}

Ma X. ^{[1
]}

Ma J. ^{[1
]}

机构：

[1] School of Network and Information Security, Xidian University, Xi'an

来源：

Xi'an Dianzi Keji Daxue Xuebao/Journal of Xidian University | 2021年 / 48卷 / 01期

关键词：

Attack graph; Network security; Optimization algorithm; Q-learning; Reinforcement learning;

D O I：

10.19665/j.issn1001-2400.2021.01.018

中图分类号：

学科分类号：

摘要：

The main research purpose of this paper is to generate a dynamic approach to finding the optimal attack path based on the Q-learning algorithm in machine learning,and to improve the efficiency and adaptability of this approach.The method,based on the Q-learning algorithm and by the reference network connectivity and partition,uses the delete inaccessible path in the network topology reduction method,and simulated by machine learning hacker attacks,combines state and action,in keep learning to improve their ability of adaptation and decision-making,so as to generate the optimal attack path efficiently.Finally,through experiments,the established simulated attacker can obtain the state-value table in the Q-learning method in the environment with the IDS alarm device,and can obtain the optimal attack path sequence from the source host to the destination host by traversing the Q table,which verifies the validity and accuracy of the model and algorithm.At the same time,by analyzing the host reachability in advance,the redundant nodes are greatly reduced,a great advantage in large network topology. © 2021, The Editorial Board of Journal of Xidian University. All right reserved.

引用

页码：160 / 167

页数：7

共 14 条

[1] PHILLIPS C, SWILER L P., A Graph-based Network-vulnerability Analysis System, Proceedings of the New Security Paradigms Workshop, pp. 71-79, (1998)
[2] YANG Yingjie, LENG Qiang, CHANG Dexian, Et al., Research on Network Dynamic Threat Analysis Technology Based on Attribute Attack Graph, Journal of Electronics & Information Technology, 41, 8, pp. 1838-1846, (2019)
[3] pp. 153-160, (2007)
[4] ZHANG Shuqin, LI Kaijiang, ZHANG Lu, Et al., Research on Attack Graph Generation Based on Q-learning Mechanism, Electronic Science and Technology, 31, 10, pp. 6-10, (2018)
[5] YE Ziwei, GUO Yuanbo, WANG Chendong, Et al., Survey on Application of Attack Graph Technology, Journal on Communications, 38, 11, pp. 121-132, (2017)
[6] SUN Yipin, ZHONG Qiuxi, SU Jinshu, Research on Intention Recognition Based on HMM, Computer Engineering & Science, 29, 8, pp. 19-22, (2007)
[7] LI Qingpeng, WANG Buhong, WANG Xiaodong, Et al., Approach on Network Security Enhancement Strategies Based on Optimal Attack Path, Computer Science, 40, 4, pp. 152-154, (2013)
[8] DEWRI R, RAY I, POOLSAPPASIT N, Et al., Optimal Security Hardening on Attack Tree Models of Networks:a Costbenefit Analysis[J], International Journal of Information Security, 11, 3, pp. 167-188, (2012)
[9] WANG Hui, RU Xinxin, DAI Tianwang, Et al., Attack Profit Path Prediction Algorithm Based on NAPG Model, Journal of Jilin University(Science Edition), 57, 5, pp. 1169-1178, (2019)
[10] WANG Hui, LOU Yalong, DAI Tianwang, Et al., Vulnerability Evaluation Algorithm Based on BNAG Model, Computer Engineering, 45, 9, pp. 128-135, (2019)

← 1 2 →