Research On Attack Path Prediction Based On PANAG Mode

With the wide application of computers,the Internet has gradually changed from a closed,dedicated network to an open,public network,and its application scope has gradually become more and more extensive.There will also be a sharp increase in vulnerabilities in the network,which will increase the chance for attackers to successfully occupy resources illegally and greatly damage the security of the computer network.Network attack prediction mainly monitors the vulnerability in the network through the related security technology,and finds out the vulnerability with high risk according to the theoretical analysis,which is the possible attack target of the attacker.The network administrator should focus on the defense.This thesis analyzes the weakness of the network,proposes an effective attack graph model,and constructs an attack path prediction scheme to predict the possible attack path.Based on the analysis of vulnerability attributes,the node vulnerability clustering algorithm is designed to simplify the number of vulnerabilities and effectively simplify the attack graph.According to the general vulnerability scoring system,and taking the attack difficulty as the judgment standard,the calculation method of node reachability probability is given,which solves the problem of inaccurate prediction caused by subjective quantitative evaluation by expert scoring.This thesis analyzes the factors of network attack comprehensively,introduces the concept of attack value,and constructs a general attack value calculation model which contains many factors,which lays a foundation for attack path prediction.Because the attacker is rational,according to the analysis of attack value,the attack behavior that the attacker can not take is eliminated,and the path redundancy is effectively eliminated.Based on the above analysis,the possibility of different path intrusion based on intrusion intention is given quantitatively.Finally,the thesis points out the shortcomings of the research,and gives the next research objectives.The main work and innovations of this thesis are as follows:(1)In this thesis,a node vulnerability clustering algorithm(NVC)is proposed to simplify the number of vulnerabilities,which is convenient for network administrators to find out the most risky vulnerabilities in the network.In this thesis,the factors related to network attack are analyzed comprehensively,and the quantitative methods of attack cost and profit cost of attackers are proposed,which are used to analyze the feasibility of attacker's attack behavior.(2)In this thesis,the generation algorithm of probability attribute network attack graph(Generat NAG)is given,which simplifies the attack model and effectively identifies the attack behavior in the target network.(3)Based on the analysis of attacker's attack cost and benefit,the concept of attack value is introduced,and the algorithm of path generation based on attack value(Build NAP)is proposed,which is used to predict the most likely attack path of attacker.