Research on Network Defense Graph Model in Network Security

被引:1
作者
Qi, Feng [1 ]
Xu, Haili [1 ]
机构
[1] Heilongjiang Univ Chinese Med, Jiamusi Coll, Jiamusi 154007, Peoples R China
来源
INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS | 2016年 / 10卷 / 11期
关键词
Network Security; Active Defense; Defense Graph;
D O I
10.14257/ijsia.2016.10.11.03
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Security analysis and attack-defense modeling are effective method to identify the vulnerabilities of information systems for proactive defense. The attack graph model reflects only attack actions and system state changes, without considering the perspective of the defenders. To assess the network information system and comprehensively show attack and defense strategies and theirs cost, a defense graph model is proposed. Compared with the attack graph, the model makes some improvements. Defense graph will be mapped to the attack and defense game model, in order to provide a basis for active defense policy decision. What's more, a generation algorithm of defense graph is proposed. A representative example is provided to illustrate our models and generation algorithm.
引用
收藏
页码:23 / 32
页数:10
相关论文
共 21 条
[1]  
Ammann P., 2002, P 9 ACM C COMPUTER C, P217, DOI DOI 10.1145/586110.586140
[2]  
Cai Jianqiang, 2011, RES NETWORK VULNERAB
[3]  
Jia Wei, 2012, RES EVALUATION METHO
[4]  
Jiang W., 2009, CHINESE J COMPUTERS, V4, P817
[5]  
Jiang Weixin, 2010, COMPUTER RES DEV, V10, P1714
[6]  
Li Q., 2013, D DON SCI WORLD J, V2013, P1, DOI DOI 10.1155/2013/280384
[7]  
Li Qun, 2015, NETWORK SECURITY DEC
[8]  
Li Xuezhen, 2011, NETWORK SYSTEM SECUR
[9]  
Li Yan, 2010, RES NETWORK ATTACK E
[10]  
Liu Liu, 2013, SAFETY EVALUATION PO
123