论文信息 - An Network Attack Modeling Method Based on MLL-AT

An Network Attack Modeling Method Based on MLL-AT

Abstract In this paper, the method of modeling attack using attack tree is researched. The main goal is effectively using attack tree to model and express multi-stage network attacks. We expand and improve the traditional attack tree. The attack nodes in traditional attack tree are redefined, and the attack risk of leaf node is quantified. On those basis, the mentality and method of building MLL-AT (Multi-Level & Layer Attack Tree) are proposed. The improved attack tree can model attack more accurately, in particular to multi-stage network attacks. And the new model can also be used to evaluate system's risk, to distinguish between varying system security threat degrees caused by different attack sequences.

Huang Hao | Yin Xinchun | Yan Fen

[1] Giovanni Vigna,et al. STATL: An Attack Language for State-Based Intrusion Detection , 2002, J. Comput. Secur..

[2] Li Rui-xuan. Information system security risk evaluation based on attack tree , 2007 .

[3] Vasant Honavar,et al. A Software Fault Tree Approach to Requirements Analysis of an Intrusion Detection System , 2002, Requirements Engineering.

[4] Ludovic Mé,et al. ADeLe: An Attack Description Language for Knowledge-Based Intrusion Detection , 2001, SEC.

[5] Paul Ammann,et al. Using model checking to analyze network vulnerabilities , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[6] S. Evans,et al. Risk-based security engineering through the eyes of the adversary , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.