Network risk blocking method based on attack graph and co-evolution

A co-evolution and attack graph technology, applied in the field of electrical components and transmission systems, that addresses problems such as low accuracy and long calculation time, achieving the effect of improving efficiency, reducing cost, and enhancing accuracy.

Active Publication Date: 2019-01-15
BEIJING INSTITUTE OF TECHNOLOGY

AI Technical Summary

Problems solved by technology

However, the existing network security risk assessment method based on the attack graph model can only be adapted to small networks, and it is often difficult to evaluate and calculate large-scale networks with a large number of host nodes. The calculation takes a long time and the accuracy of the assessment is low.


Embodiment Construction

[0032] The present invention will be described in detail below with reference to the accompanying drawings and examples.

[0033] The attack graph model takes the network topology information into account during network modeling, which provides comprehensive information for the evaluation, and the model detector provides an automatic means of generating the attack graph model, which reduces the influence of human subjective factors on the evaluation work and makes it more scientific. The attack graph model can be used to qualitatively or quantitatively analyze the vulnerable links, attack paths, and system loss risks of computer network systems.

[0034] The co-evolutionary algorithm is a new algorithm proposed for the deficiencies of the current popular intelligent optimization algorithms. It considers the influence of the relationship between individuals and between individuals and the environment on the evolution of individuals. Compared with the genetic algor...


Abstract

The invention provides a network risk blocking method based on attack graph and co-evolution. The method comprises the following steps: step 1, scanning the network environment with a vulnerability scanning tool to obtain network vulnerable point information, configuration information and topology information, generating an attack graph from these three kinds of information, and defining a plurality of risk measurement attributes and a calculation method for the attribute values of each node in the attack graph; step 2, according to the calculation method of each risk measurement attribute value, obtaining the data set of each node's risk measurement attribute values in the attack graph, and determining the weight of each risk measurement attribute according to the entropy value method; step 3, weighting and fusing the data sets of the risk measurement attribute values of each node to obtain the comprehensive value of the risk measurement attribute values of each node; step 4, using the comprehensive value of each node's risk measurement attributes as the input of the co-evolutionary algorithm, obtaining the risk evaluation value of each node set through initial population determination, fitness function calculation, individual selection, crossover operation and mutation operation, and evaluating the network blocking path accordingly.
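Steps 2 and 3 of the abstract (entropy-method weighting, then weighted fusion into one comprehensive value per node) can be sketched as follows. This is an added example, not code from the patent: the attribute names, the sample nodes and the min-max scaling are assumptions, since the page does not specify them.

```python
import math

def entropy_weights(matrix):
    """Entropy weight method over an n-node x m-attribute matrix (larger = riskier)."""
    n, m = len(matrix), len(matrix[0])
    if n < 2:
        raise ValueError("need at least two nodes to measure dispersion")
    norm_cols, divergence = [], []
    for col in zip(*matrix):
        lo, hi = min(col), max(col)
        if hi == lo:  # constant attribute: no discriminating information
            norm_cols.append([0.0] * n)
            divergence.append(0.0)
            continue
        norm = [(v - lo) / (hi - lo) for v in col]  # min-max scaling (assumption)
        total = sum(norm)
        p = [v / total for v in norm]
        # Shannon entropy scaled to [0, 1]; 0*ln(0) is treated as 0
        entropy = -sum(x * math.log(x) for x in p if x > 0) / math.log(n)
        norm_cols.append(norm)
        divergence.append(1.0 - entropy)
    spread = sum(divergence)
    weights = [d / spread for d in divergence] if spread > 0 else [1.0 / m] * m
    return weights, norm_cols

def rank_nodes(nodes):
    """Return (weights, [(node, composite score)]) sorted riskiest first."""
    names = list(nodes)
    weights, norm_cols = entropy_weights([nodes[k] for k in names])
    scores = {name: sum(w * col[i] for w, col in zip(weights, norm_cols))
              for i, name in enumerate(names)}
    return weights, sorted(scores.items(), key=lambda kv: kv[1], reverse=True)

# Constructed sample: (exploitability, impact, exposure) per attack-graph node.
SAMPLE_NODES = {
    "web-01": (0.9, 4.0, 1.0),
    "app-01": (0.5, 6.0, 1.0),
    "db-01": (0.7, 9.0, 1.0),
    "ws-17": (0.2, 2.0, 1.0),
}

if __name__ == "__main__":
    weights, ranking = rank_nodes(SAMPLE_NODES)
    print("weights:", [round(w, 3) for w in weights])
    for name, score in ranking:
        print(f"{name}: {score:.3f}")
```

An attribute that is identical on every node receives zero weight, so only attributes that actually distinguish nodes influence the composite values passed on to step 4.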

Description

Technical field

[0001] The invention belongs to the technical field of computer network security, and in particular relates to a network risk blocking method based on attack graph and co-evolution.

Background technique

[0002] Network security assessment methods are mainly divided into two types: rule-based assessment methods and model-based assessment methods. The traditional rule-based network risk assessment method uses intrusion detection and vulnerability scanning tools, which can only discover and evaluate the risks exposed at the surface layer of the network environment. The model-based evaluation method can objectively evaluate the overall vulnerability of the current network environment and the existing security risks by taking into account the correlation between hosts or server nodes in the network environment and the correlation between the vulnerable points on them.

[0003] The attack graph model considers the network topology informati...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1433, H04L63/1441
Inventor: 胡晶晶, 麻东彦, 武卓卓, 刘辰, 闫怀志, 薛静锋, 胡昌振
Owner: BEIJING INSTITUTE OF TECHNOLOGY