Font Size: a A A

Complex Attack System Modeling And Its Application In Network Security

Posted on:2016-04-25Degree:DoctorType:Dissertation
Country:ChinaCandidate:J LuoFull Text:PDF
GTID:1108330503456157Subject:Computer Science and Technology
Abstract/Summary:PDF Full Text Request
Network security is an important part of our country towards a strong cyberpower.It is critical to security management that how to make security decision from the information with uncertainty, conflicts as well as supports. We research on attack system for complex information processing, and focus on its accept semantics, and application in network security decision, network hardening, etc. The main works are as follows:(1) Aggregation acceptability semantics and relaxing extensions semantics are given.Based on satisfiability degree, the degree of attack and degree of support are defined, on which the two semantics are established by aggregation function. A proposition matrix search algorithm and a clause partition algorithm are proposed to compute satisfiability degree based on the idea of divide and conquer. When attack system is applied to security decision-making, a part or full order on security strategies can be acquired by calculating the semantics. This avoids the di?cult for computing the cost of strategies, and provides decision support for security managers.(2) A structure of uncertainty semantic computation is given. The attack system is considered as a Kripke structure, on which the definition of modal logic is proposed to express semantics, and a possibility measure is defined for the modal logic to quantify semantic uncertainty. Compared with probability, fuzzy and weight methods,this structure has a more accurate uncertainty expression, and makes a quantitative distinction among the semantics.(3) A software vulnerability rating approach(SVRA) is proposed. The chi-square analysis found correlations between CVSS basic metrics, resulting in poor distinguish for some vulnerabilities. SVRA uses the vulnerability database to analyze the frequencies of basic metrics at di?erent time point. Then, these frequencies are used to compute both exploitability subscore and impact subscore. An SVRA score is created by a weighted average of these two subscores. Using vulnerability database for empirical analysis, it illustrates that SVRA has a better data diversity and distinctiveness.(4) The security risk calculation and network hardening are discussed. The security risk can be calculated by Bayesian attack graph, whose nodes are attached with SVRA scores. The security risk allows the administrator to keep control of network healthy, and take actions accordingly. The unconstrained hardening problem and constrained hardening problem are concerned for security hardening. By attack graphs, these two problems are modelled by satisfiability degree as two logic optimization problems. Two recursive algorithms are designed to solve them e?-ciently, which we validate experimentally. This provides an e?ective analysis for the actual network hardening.
Keywords/Search Tags:Satisfiability Degree, Attack System, Security Hardening, Security Decision-making
PDF Full Text Request
Related items