Research And Implementation Of Pattern Extendable Attack Graph Technology

Recently, there have been network attacks constantly which makes people deeply understand the importance of network security. Network vulnerability analysis can help to find the security risks in the network system and security vulnerabilities that might be taken advantage by intruders. This makes it possible for us find the problems and mend them before the system is attacked, which greatly improves the security of the network system.Nowadays, using method of attack graph to analyze the network vulnerability is a hotspot. Among them, the attack mode was one of the key difficulties. Whether the attack mode was complete and correct or not makes great differences in whether the network vulnerability is practical. We can improve the attack pattern depot constantly to promote the quality of the network vulnerability analysis and attack image generation. This paper does a research centered on pattern extendable attack graph generation technology deeply, and comes up with a workflow which including network vulnerabilities information collection to auxiliary generating of attack graph as well. It does some researches on relevant key technologies, designs and realizes corresponding software prototype system. The main works to do are:First of all, analyses about technologies and background information relevant to this task have been made, including vulnerability classification and attack modes and typical technologies of web crawler. This laid a foundation for the research on key technology and the layout of the system.Secondly, this article came up with a overall idea of a kind of pattern extendable attack graph generation system , analyzed the purpose of the system and the demand, described the whole design procedures, did research deeply on collected automatically key technologies of vulnerability information based on web crawler, improved the efficiency of getting the information of the vulnerability by using a method of simplified procedures ,brought out pattern extendable attack pattern whose capacity can be extended in two directions which are elements of their attributes of patterns and kinds of patterns, designed to attack mode attribute can be extended description of methods and types of analysis can be extended attack mode extraction method. Using instantiated atomic attack graph, shows the intuitive benefits that the extended attack mode brings to the network vulnerability analysis.Finally, on the basis of the research of the key technologies, two prototype systems to make that network vulnerability information automatically collected and can be extended attack mode managing, and proved the validity and usability of the systems function with practical tests.