Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph
Aiming at the problem of complex multi-step attack detection, the method of attack scenario construction oriented to cloud computing environment was studied.Firstly, a dynamic probabilistic attack graph model was constructed, and a probabilistic attack graph updating algorithm was designed to make i...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2021-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021004/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539271270334464 |
|---|---|
| author | Wenjuan WANG Xuehui DU Dibin SHAN |
| author_facet | Wenjuan WANG Xuehui DU Dibin SHAN |
| author_sort | Wenjuan WANG |
| collection | DOAJ |
| description | Aiming at the problem of complex multi-step attack detection, the method of attack scenario construction oriented to cloud computing environment was studied.Firstly, a dynamic probabilistic attack graph model was constructed, and a probabilistic attack graph updating algorithm was designed to make it update periodically with the passage of time and space, so as to adapt to the elastic and dynamic cloud computing environment.Secondly, an attack intention inference algorithm and a maximum probability attack path inference algorithm were designed to solve the uncertain problems such as error and fracture of attack scenarios caused by false positive or false negative, and ensure the accuracy of attack scenario.Meanwhile, the attack scenario was dynamically evolved along with the dynamic probability attack graph to ensure the completeness and freshness of the attack scenario.Experimental results show that the proposed method can adapt to the elastic and dynamic cloud environment, restore the penetration process of attacker’s and reconstruct high-level attack scenario, and so provide certain references for building supervised and accountable cloud environment. |
| format | Article |
| id | doaj-art-427aa5dbc01a4a67a4ab57da4de8e8b0 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2021-01-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-427aa5dbc01a4a67a4ab57da4de8e8b02025-01-14T07:21:25ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2021-01-014211759739575Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graphWenjuan WANGXuehui DUDibin SHANAiming at the problem of complex multi-step attack detection, the method of attack scenario construction oriented to cloud computing environment was studied.Firstly, a dynamic probabilistic attack graph model was constructed, and a probabilistic attack graph updating algorithm was designed to make it update periodically with the passage of time and space, so as to adapt to the elastic and dynamic cloud computing environment.Secondly, an attack intention inference algorithm and a maximum probability attack path inference algorithm were designed to solve the uncertain problems such as error and fracture of attack scenarios caused by false positive or false negative, and ensure the accuracy of attack scenario.Meanwhile, the attack scenario was dynamically evolved along with the dynamic probability attack graph to ensure the completeness and freshness of the attack scenario.Experimental results show that the proposed method can adapt to the elastic and dynamic cloud environment, restore the penetration process of attacker’s and reconstruct high-level attack scenario, and so provide certain references for building supervised and accountable cloud environment.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021004/cloud computingattack scenariodynamic probabilistic attack graphattack intentionmaximum probability attack path |
| spellingShingle | Wenjuan WANG Xuehui DU Dibin SHAN Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph Tongxin xuebao cloud computing attack scenario dynamic probabilistic attack graph attack intention maximum probability attack path |
| title | Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph |
| title_full | Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph |
| title_fullStr | Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph |
| title_full_unstemmed | Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph |
| title_short | Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph |
| title_sort | construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph |
| topic | cloud computing attack scenario dynamic probabilistic attack graph attack intention maximum probability attack path |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021004/ |
| work_keys_str_mv | AT wenjuanwang constructionmethodofattackscenarioincloudenvironmentbasedondynamicprobabilisticattackgraph AT xuehuidu constructionmethodofattackscenarioincloudenvironmentbasedondynamicprobabilisticattackgraph AT dibinshan constructionmethodofattackscenarioincloudenvironmentbasedondynamicprobabilisticattackgraph |