Analysis Of Network Security Based On Uncertain Attack Graph

Firstly,with the rapid development of science and technology,the network in people's lives plays an indispensable role,but the use of real-life network will encounter a lot of unexpected circumstances,which will lead to the uncertainty of the actual data transmission.Moreover,with the development of technology,people are increasingly demanding data accuracy,so we need to quantify the uncertainty.Secondly,the attack graph is a demonstration of the attacker's attack path,which reflects the attacker's use of loopholes in the entire network environment and can help network defenders analyze network security reversely,but the existing attack graph generation algorithm still embodies some deficiencies in the description of sudden network congestion,network disconnection,network delay and other unexpected situations;and the problem that the attack map can also reach the target node attack path and which network path is more reliable do not begin to study.Therefore,based on these two problems,this paper designs an algorithm for generating an uncertain attack graph,and analyzes the reliability of the attack path of the indefinite attack graph.According to the attack path reliability of the uncertain attack graph and the Top-K attack path made key edges and key vulnerabilities.The specific research contents are as follows:In order to better analyze the various attacks encountered in the network,we firstly use the vulnerability scanning tool to collect all the nodes in the target network topology environment according to the network topology modeling into an uncertain map.Secondly,this paper designs an algorithm for generating an indefinite attack graph based on the uncertain graph model.The algorithm starts from the attacker's target node and searches the attackable node according to the node information connected with it.If the attack succeeds,the node is added to the attack node set until the attacker algorithm is found to end the simulation to generate an indefinite attack graph.When generating an indefinite graph,we can use the depth-first strategy to search for the attack path of the attacker in the indefinite attack graph and analyze the reliability of each attack path,and use the depth-first search strategy to avoid attacks in the search process Ring of the situation.We can better simulate the reality of attack and find a reliable attack path.During the experiment,when the network size gradually increases,the attack map becomes more and more complex and the attack path will be more and more,which is not conducive to the defense of the network security analysis.It is found that the nodes in the attack path with high reliability will often appear in other attacks,so the reliability of the attack path is sorted.The Top K attack path is proposed by the previous K attack path,The K attack path presents key edges and key vulnerabilities.When the network security administrator to repair a critical vulnerability,you can make the vast majority of attacks fail,and you can better help defenders to analyze defense network attacks.Finally,we verify the correctness of the algorithm proposed in our paper.