Attack path prediction method based on causal knowledge net

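TP393.8; To address the inability of existing attack path prediction methods to accurately reflect the influence of an attacker's capability on the subsequent attack path, an attack path prediction method based on a causal knowledge net is proposed. Using the causal knowledge net, the method first identifies the attack actions that have already occurred through alert mapping; it then infers the attacker's capability level and dynamically adjusts the probability knowledge distribution according to that level; finally, an improved Dijkstra algorithm is used to compute the most likely attack path. Experimental results show that the method fits real network confrontation environments and improves the accuracy of attack path prediction....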

Bibliographic Details
Published in 通信学报 (Journal on Communications) Vol. 37; no. 10; pp. 188 - 198
Main Authors 王硕, 汤光明, 寇广, 宋海涛
Format Journal Article
Language Chinese
Published Science and Technology on Information Assurance Laboratory, Beijing 100072 2016
PLA Information Engineering University, Zhengzhou, Henan 450001
ISSN 1000-436X
DOI 10.11959/j.issn.1000-436x.2016210

Abstract_FL The existing attack path prediction methods cannot accurately reflect the variation of the following attack path caused by the capability of the attacker. Accordingly, an attack path prediction method based on causal knowledge net was presented. The proposed method detected the current attack actions by mapping the alarm sets to the causal knowledge net. By analyzing the attack actions, the capability grade of the attacker was inferred, according to which the probability knowledge distribution was adjusted dynamically. With the improved Dijkstra algorithm, the most possible attack path was computed. The experimental results indicate that the proposed method is suitable for a real network confrontation environment. Besides, the method can enhance the accuracy of attack path prediction.
Author 汤光明
宋海涛
寇广
王硕
AuthorAffiliation PLA Information Engineering University, Zhengzhou, Henan 450001; Science and Technology on Information Assurance Laboratory, Beijing 100072
Author_FL KOU Guang
WANG Shuo
TANG Guang-ming
SONG Hai-tao
Author_FL_xml – sequence: 1
  fullname: WANG Shuo
– sequence: 2
  fullname: TANG Guang-ming
– sequence: 3
  fullname: KOU Guang
– sequence: 4
  fullname: SONG Hai-tao
Author_xml – sequence: 1
  fullname: 王硕
– sequence: 2
  fullname: 汤光明
– sequence: 3
  fullname: 寇广
– sequence: 4
  fullname: 宋海涛
ClassificationCodes TP393.8
ContentType Journal Article
Copyright Copyright © Wanfang Data Co. Ltd. All Rights Reserved.
DOI 10.11959/j.issn.1000-436x.2016210
DatabaseName Wanfang Data Journals - Hong Kong
WANFANG Data Centre
Wanfang Data Journals
China Online Journals (COJ)
DatabaseTitleList
DeliveryMethod fulltext_linktorsrc
DocumentTitle_FL Attack path prediction method based on causal knowledge net
EndPage 198
ExternalDocumentID txxb201610022
GrantInformation_xml – fundername: National Natural Science Foundation of China; Open Fund of the Science and Technology on Information Assurance Laboratory (No.KJ-14-106) Foundation Items: The National Natural Science Foundation of China; Foundation of Science and Technology on Information Assurance Laboratory
  funderid: (No.61303074); (61303074); (KJ-14-106)
ISSN 1000-436X
IngestDate Thu May 29 04:00:47 EDT 2025
IsPeerReviewed false
IsScholarly true
Issue 10
Keywords probability knowledge distribution
attacker capability
causal knowledge net
attack path prediction
Dijkstra algorithm
Language Chinese
LinkModel OpenURL
PageCount 11
ParticipantIDs wanfang_journals_txxb201610022
PublicationCentury 2000
PublicationDate 2016
PublicationDateYYYYMMDD 2016-01-01
PublicationDate_xml – year: 2016
  text: 2016
PublicationDecade 2010
PublicationTitle 通信学报
PublicationTitle_FL Journal on Communications
PublicationYear 2016
Publisher Science and Technology on Information Assurance Laboratory, Beijing 100072
PLA Information Engineering University, Zhengzhou, Henan 450001
Score 2.1012194
SourceID wanfang
SourceType Aggregation Database
StartPage 188
Title Attack path prediction method based on causal knowledge net
URI https://d.wanfangdata.com.cn/periodical/txxb201610022
Volume 37
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVHPJ
  databaseName: ROAD: Directory of Open Access Scholarly Resources
  issn: 1000-436X
  databaseCode: M~E
  dateStart: 19800101
  customDbUrl:
  isFulltext: true
  dateEnd: 99991231
  titleUrlDefault: https://road.issn.org
  omitProxy: true
  ssIdentifier: ssib058759023
  providerName: ISSN International Centre