| Attack and its defends to be two sides that closely related with of network security , further investigate , attack theory and technology can protect network security of information system effectively. It is a key problem studied about that understanding and description to the network attacks. Attack models can help in describing and analyzing the course of attack structurely and pictorially, facilitate analyzing and utilizing the known attack, further more that can help in improving the efficiency of attacking measuring and security prediction.At first, a new kind of attack model named Fuzzy Attack Net (FAN) which based on fuzzy petri net theory is proposed in this paper, then the generating algorithm of this model is proposed, and the algorithm is effective and efficient verified by experiments which are also given in this paper. Next, this paper uses FAN theory in the network to express the attack that carries on the privilege promotion using the system vulnerability, to attacked in FAN has conducted the fuzzy analysis research, through the establishment attack FAN model, to used the system vulnerability using the FAN theory and the analysis method to carry on the illegal privilege promotion to carry on the qualitative and quota analysis, this model can reflect the affiliation between each step of the attack, the reusability is also strong, we not only may to estimate the goal about the attack success or failure using the attack success ratio, but also can carry on the dangerous appraisal using the FAN inference algorithm to various systems vulnerabilities. Fuzzy numbers represents success ratio possibilities of attack so that difficulties to obtain accurate success ratio possibilities of bottom attack events are reduced, errors from statistic data of failure possibilities are corrected to some extent Afterwards this paper use multi-valued logic and the both-branch fuzzy set theory to expand FAN theory in the FAN foundation, Multi-valued Fuzzy Attack Net(MVFAN) is proposed based on Multi-valued Logic and Both-Branch Fuzzy Attack Net(BBFAN) is proposed based on Both-Branch Fuzzy Set, a new effective method has been defined that can describe the network attack behavior.This paper originally consider together the pro and con two aspects factor which have effect to the attacks, and carries on it in expansion BBFAN the analysis, causes to draw close to the reality to the network attack description. Finally, give a comprehensive summary to this paper and pointed out the existence insufficiency, has forecast the future further research direction. |
PDF Full Text Request