Research On Optimization Algorithm And Security Analysis Based On Attack Graph

With the rapid development of the Internet,incidents targeting cyber-attacks often occur,and network security has received widespread attention.Seeking practical security risk assessment methods is a research hotspot in the field of network security.The network attack graph model is an active detection mechanism for attack paths.It simulates the entire network attack scenario from the perspective of the attacker,and then gives the dependencies between the internal loopholes of the target network and displays them in a directed graph.This is an effective tool for analyzing network vulnerabilities.This thesis elaborates the common methods and tools of network security assessment,and analyzes the construction of attack graph theory model,attack graph optimization technology and the research status of attack graph in qualitative and quantitative analysis techniques.The attack graph generated by the large-scale network is too complicated to accurately and quickly find the problem of the critical vulnerability node.Optimizing the attack graph can help security administrators better understand the security status of nodes in the network system,thereby enhancing security defense capabilities and ensuring network system security.Firstly,according to the problem that the attack graph is too complicated,this thesis implements the attack graph optimization algorithm.Generate a directed attribute attack graph by using the MulVAL attack graph build tool.For the various loop phenomena of the directed attribute attack graph,the general loop elimination method is given to obtain the acyclic attack graph.Based on the acyclic attack graph,an optimization algorithm based on path complexity is proposed.The atomic attack distance and atomic weight are considered together,and the calculated attack path with path complexity lower than the threshold t is deleted to optimize.Thereby achieving the purpose of optimizing the attack graph.Based on the simplified attack graph,the network security environment is hardened with minimal cost.Firstly,the concept of the minimum critical attack set is described,and then it is proved that solving the minimum critical attack set is equivalent to solving the NP problem.For the ant colony algorithm,when solving the minimum critical attack set,it is easy to appear that the convergence is too early,resulting in the problem that the local optimal solution and the late search speed are too slow.Based on the ant colony algorithm,this thesis proposes a modified pheromone adaptive update principle and a local search strategy using adaptive genetic algorithm to improve the ant colony algorithm.The experimental results show that compared with the ant colony algorithm,the improved ant colony algorithm can speed up the process of solving the optimal solution.When the number of attack paths is large,the accuracy of the improved ant colony algorithm and the advantages of the later search speed are more obvious,and it is more suitable for large-scale networks.