A network attack model based on colored Petri net

Cited by: 0
Authors
Li, Xinlei [1]
Li, Di [2]
Affiliations
[1] Henan Normal University, Xinxiang
Keywords
Attack behavior; Concept space; Generation; Petri Net Machine; Synthesis;
DOI
10.4304/jnw.9.7.1883-1891
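Chinese Library Classification number
O144 [Set theory]; O157 [Combinatorial mathematics (combinatorics)];
Discipline classification code
070104;
Abstract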
Research has shown that not all Petri Net machines can be used to describe attack behavior. When Petri Net machines adapted for attack behavior modeling are detecting the network, for some event of the current status, if there is a matching event in the model, it has only one corresponding transition; otherwise errors may result. Since the sharing synthesis and synchronization synthesis of traditional machines cannot ensure that the synthetic model preserves the original detection capability, we propose novel concepts for the synthesis operation and the colored synthetic operation. By analyzing the relations among these operations, the ability to preserve the original detection capability is verified. Then an improved colored judgement Petri Net machine is adopted for modeling and renewing the knowledge repository. The inductive learning method is used to extend the attack modes. It creates a four-layered concept space, which actually provides a depth-first search path for matching. To solve the problems in multi-pattern matching and incremental learning, various modes are generalized by the colored operation. We also adopt the decomposition and synthesis operations to handle the pattern matching of distributed attack behavior and attack information fusion. Finally, actual cases verify that our algorithm is feasible. © 2014 ACADEMY PUBLISHER.
Pages: 1883 / 1891
Page count: 8
Related papers
15 entries in total
[1] Junzhou L., Jun S., Guanqun G., From Petri Nets to Formal Description Techniques and Protocol Engineering, Journal of Software, 11, 5, pp. 606-615, (2000)
[2] Kumar S., Classification and Detection of Computer Intrusions, PhD Thesis Department of Computer Sciences, 19, 8, pp. 21-71, (1995)
[3] Slagell M., A Critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory, ACM Trans. on Information and System Security, 2000, 3, 4, pp. 262-294, (2000)
[4] Guiping S., Sha S., Research of security protocols analysis language based on coloured Petri net, Microcomputer & Its Applications, 30, 15, pp. 1-7, (2011)
[5] Jun Z., Changguo G., Quanyuan W., A Runtime Monitoring Web Services Interaction Behaviors Method Based on CPN, Journal of Computer Research and Development, 48, 12, pp. 2276-2289, (2011)
[6] Xiao-Ling S., Ning W., Yan L., Fuzzy Reasoning by Using Marked Fuzzy Petri Nets, Computer Engineering & Science, 34, 3, pp. 152-157, (2012)
[7] Abouelabbas G., Georg F., Component based colored Petri net model for Ethernet based networked control systems, Proceedings of IEEE Symposium on Emerging Technologies and Factory Automation, pp. 1100-1103, (2008)
[8] Lianzhang Z., Xiuhu S., Colored Petri net based workflow model mapping, Proceedings of 3rd International Conference on Biomedical Engineering and Informatics, pp. 2743-2747, (2010)
[9] Jian-Jun D., Zhong-Fu W., Ming C., Attack modeling using colored Petri net and alerts correlation algorithms design, Journal of Chongqing University, 34, 4, pp. 118-124, (2011)
[10] Mohamed B., Pavol B., Walter S., Colored Petri Net inversion for Backward reachability analysis, IFAC Proceedings Volumes, 2, 1, pp. 227-232, (2009)