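A method is proposed for analyzing the network attack process by inference over dynamically constructed vulnerability chains. Taking the inference relations between vulnerabilities as the premise and starting from the victim host, a colored weighted directed graph is constructed. Multiple logs are searched for information that explains the exploitation of each vulnerability, and the search results are used to prune the vulnerability chain dynamically, yielding the host's vulnerability attack chain and the suspicious hosts that attacked the victim host. The suspicious hosts are then analyzed iteratively to infer the network vulnerability attack chain. A worked example shows that the method analyzes the network attack process quickly and effectively and has good scalability.
Keywords network forensics; attack analysis; vulnerability chain; security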
Abstract For response after attack incidents, a method of network attack process analysis by dynamic vulnerability linking was designed. The corresponding colored weighted digraph is set up from the inference relations among the security holes on the intruded machine. Using the vulnerability-log relation matrix, the different forensic information sources are searched to obtain the corresponding support values, which help to prune false relations between nodes and to identify the remote suspicious host. The suspicious host is then analyzed in the same way, and finally the whole attack process is obtained. The illustration indicates that this method can obtain the network attack process rapidly and effectively, and has good scalability.
Key words network forensics; attack analysis; vulnerability; security
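The pruning-and-iteration loop described in the abstract, as an added Python sketch that is not the paper's code. The hosts, vulnerability names, log patterns and the use of a match count as the support value are all assumptions made for illustration; the paper's coloring and weighting scheme is not given on this page.

```python
import re
from collections import deque
# Constructed data. Inference relation per host: edge (a, b) = exploiting a enables b.
EDGES = {
    "web01": [("ftp_overflow", "local_privesc"), ("rpc_bug", "local_privesc")],
    "ws07": [("weak_ssh_password", "sudo_misconfig")],
}
# Vulnerability-log relation: (log source, pattern) that would explain an exploit.
VULN_LOG = {
    "ftp_overflow": ("ftp", r"oversized USER argument from (\S+)"),
    "rpc_bug": ("rpc", r"malformed request from (\S+)"),
    "local_privesc": ("auth", r"uid change 33->0"),
    "weak_ssh_password": ("auth", r"Accepted password for \w+ from (\S+)"),
    "sudo_misconfig": ("auth", r"sudo: \w+ : .*COMMAND=/bin/sh"),
}
LOGS = {  # constructed log lines, keyed by host and log source
    "web01": {"ftp": ["oversized USER argument from ws07"], "rpc": ["request ok from mon01"],
              "auth": ["uid change 33->0 by pid 4112"]},
    "ws07": {"auth": ["Accepted password for bob from 203.0.113.9",
                      "sudo: bob : TTY=pts/0 ; COMMAND=/bin/sh"]},
}

def support(host, vuln):
    """Return (support value, remote peers) for one vulnerability on one host."""
    source, pattern = VULN_LOG[vuln]
    hits = [m for line in LOGS.get(host, {}).get(source, [])
            if (m := re.search(pattern, line))]
    peers = {m.group(1) for m in hits if m.groups()}
    return len(hits), peers

def host_chain(host):
    """Prune edges whose endpoints lack log support; return kept edges and suspects."""
    kept, suspects = [], set()
    for a, b in EDGES.get(host, []):
        (sa, pa), (sb, pb) = support(host, a), support(host, b)
        if sa and sb:  # both ends explained by the logs, so the edge survives
            kept.append((a, b, min(sa, sb)))  # edge weight = weaker support value
            suspects |= pa | pb
    return kept, suspects

def network_chain(victim):
    """Start at the victim and repeat the host analysis on each suspicious host."""
    chain, seen, queue = {}, {victim}, deque([victim])
    while queue:
        host = queue.popleft()
        chain[host], suspects = host_chain(host)
        queue.extend(suspects - seen)
        seen |= suspects
    return chain
```

A host with no logs or no known vulnerability graph, such as the external address here, ends the iteration with an empty chain and marks the boundary of the available evidence.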