Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

System for generating assaulting chart facing network safety alarm incident

A network security and generation system technology, applied in the field of attack graph generation system, can solve the problems of potential attack path loss, inability to fully contain knowledge, etc., and achieve the effect of easy engineering implementation

Inactive Publication Date: 2008-10-08
SHANGHAI JIAO TONG UNIV +1
View PDF1 Cites 29 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, from the perspective of alarm correlation, the cost of merging is the loss of some potential attack paths, which makes it unable to completely contain all the knowledge required for alarm correlation

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System for generating assaulting chart facing network safety alarm incident
  • System for generating assaulting chart facing network safety alarm incident
  • System for generating assaulting chart facing network safety alarm incident

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] The embodiments of the present invention are described in detail below in conjunction with the accompanying drawings: this embodiment is implemented on the premise of the technical solution of the present invention, and detailed implementation methods and specific operating procedures are provided, but the protection scope of the present invention is not limited to the following the described embodiment.

[0040] Such as figure 1 As shown, the present embodiment includes: a network initial configuration information module, an OVAL vulnerability scanning report collection module, a knowledge base, a network connectivity analysis module, a data structure establishment module, an attack graph generation module and an attack graph display module, wherein:

[0041] The network initial configuration information module receives the network topology, gateway filtering rules, etc. input by the user, and stores them in the knowledge base;

[0042] The OVAL vulnerability scanning...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

An attack graph generation system facing to network security alarm association in the field of computer network, in the present invention, the network initial configuration information module receives the network topological structure, gateway filtering rule input by the users; OVAL vulnerability scanning report collecting module collects the vulnerabilities in all the apparatuses in the network; the network connectivity analyzing module transmits connectivity between ant two apparatuses to the attack graph generation module; the data structure establishing model respectively establishes a kind of data to describe aiming at the attacker state, apparatus state, implantation vulnerability behavior, atom attack action, system state in the network; the knowledge base stores the network topological structure, gateway filtering rule, vulnerability to transfer by the attack graph generation module; the attack graph generation module transfers the information in the knowledge base, generates the network attack graph and transmits the generated attack graph to the attack graph displaying module to visually display to the user; the system work complexity of the present invention is O(N<5>) and is easy to realize the project.

Description

technical field [0001] The invention relates to a system in the technical field of computer network security, in particular to an attack graph generation system oriented to network security alarm association. Background technique [0002] With the increasingly complex computer network structure, security administrators need to deal with more and more alarms generated by heterogeneous security devices. The alarm correlation technology transforms the complex and disordered network alarm flow into a structured and easy-to-understand attack scenario through the formal description of the correlation knowledge, and assists the administrator to obtain valuable security situation information. The network attack graph can succinctly and completely record the dependencies between penetration steps, and is considered an ideal carrier of associated knowledge. However, the traditional network attack graph generation method has high computational complexity and cannot include all potenti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/66H04L12/26H04L12/24G06F17/30
Inventor 李建华张少俊陈秀真范磊
Owner SHANGHAI JIAO TONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com