Design And Application Of The Penetration Attack Tree Model For Anti-Attack Test

Along with the rapid development of the network application and the continuous increase of the network security threat, people pay more and more attention to the security of the security equipment and the important host in the network, especially the evaluation of the anti-attack capability. Penetration attack technique is an important approacht used in anti-attack test. This approach can accurately test the damage of the target caused by attacks; and establish the base for security evaluation.Present research on penetration attack technique is aimed at the network attack and the IDS. They explore the essence of attack and exploit new attack; but we extract the characters of attack, apply them in anti-attack test, and discuss how to organize the attack in order to form the test project and evaluate the security of the target. Some results have been achieved as follows:a) Propose an effect-based multi-attribute attack classification based on analysis of the attack taxonomy, demand of the attack classification, characters of attack process. It can provide basis to organize property nodes and build the attack knowledge database for anti-attack test.b) Analyze the application of attack tree model used in anti-attack test thoroughly and systematically. By analyzing the advantage and limitations of attack tree model, present a demand that we establish a new attack model for anti-attack test by integrating the attack multi-attribute classification.c) Establish a penetration attack tree model for anti-attack test (AAT_PATM) by integrating characteristics of multi-attribute attack classification and attack tree model, redefining attack tree nodes and redescribing the relations of them. This model can describe characters in different attack phases, property relations and conditions of penetration attacks. So it can provide a project to guide anti-attack test. At the same time, we establish the arithmetic and the thought in foundation, deletion and ergodicity for AAT_PATM.d) Design and carry out a penetration attack system for anti-attack test which is used to form a test project to guide the anti-attack test. Using multi-attribute attack classification for anti-attack test, we build an attack knowledge database which is used to storage the attack knowledge. In the process of designing an attack tools storehouse, we also propose the thought of establishing the storehouse which combine the near future and the forward goal, unite the independent exploitation and the collection on the network, integrate the script and the program. Especially introduce the NASL attack script to the attack tools storehouse.