Dynamic Construction Technology Of Complex Network Attack Graph

At present,the cyberspace security situation is more and more serious,the network attack technology presents the comprehensive,the concealment and the intelligentized development tendency.In order to effectively identify potential network security threats and evaluate network security risks,people use attack graphs to analyze the vulnerability of the protected network,and provide important reference for constructing network security protection system and adopting appropriate network security protection measures.However,with the increasing size of the protected network,the shortcomings of the existing attack graph algorithm inefficient to support the complex network of dynamic vulnerability analysis needs.In this paper,the dynamic construction technology of complex network attack graph is studied deeply.The main work is as follows:Aiming at the requirement of constructing complex network attack graphs efficiently,a new parallel attack graph generation algorithm based on reverse search is proposed.In order to improve the computational efficiency,firstly,a parallel computing method is adopted based on a vulnerability utilization hypothesis.When calculating the association between network vulnerabilities,it is not necessary to preserve the attacker's state information and only concern the association relations among the vulnerability nodes.Secondly,when each compute node computes the subtask in parallel,it does not need to carry on the data communication and keep the database consistency,which reduces the communication overhead.Based on this,a new attack path search algorithm based on DFS(Depth-first Search)is proposed,which provides the basis for targeted detection of critical threat nodes.Aiming at the problem of unbalanced division of sub-tasks in parallel computing of attack graphs and the extra computation time cost of attack graph merging in parallel computing method,the parallel sub-tasks are partitioned based on multilevel k-way hypergraph partition.This ensures the load balancing of parallel subtasks,and improves the correlation degree of nodes within the subtask,and reduces the extra time cost of the attack graph merging.Aiming at the shortcomings of the attack graph dynamic construction method,an effective attack graph dynamic construction algorithm is proposed based on the complete attack graph construction algorithm based on reverse search.The method of calculating the dynamic threshold of attack graph is presented.The dynamic construction time of the attack graph is controlled more accurately,which improves the efficiency of network vulnerability analysis and supports the network security capability of continuous monitoring.The prototype system is designed and implemented,and the validity of the proposed dynamic network attack graph construction is demonstrated through experiment.