Research On Intelligent Generation And Optimization Of Network Attack Graph

Nowadays,with the rapid development of computer network,network security incidents happen constantly.Nowadays,network security has become an increasingly prominent topic,and network security analysis has become a reasonable way of network space security.Network attack graph is an important technology,which can analyze the weak points of each key node in the network,find out the attack path with potential security risks,and display it in the form of graph.By using the attack graph,the security administrator can effectively discover the relationship between the vulnerabilities in the network,and make up for the vulnerabilities at the lowest cost.The content of attack graph is mainly divided into two aspects: attack graph generation technology and attack graph analysis technology.Attack graph generation technology is a method of using target network information and attack pattern to generate attack graph,which is the basis of attack graph technology.Attack graph analysis technology refers to the method of analyzing attack graph,obtaining key nodes and paths,or quantifying vulnerability.Attack graph has developed rapidly in recent years,but the generation efficiency of attack graph and the intellectualization of algorithm still have great deficiencies,mainly as follows:There are few researches on the intelligent construction method of attack graph;the traditional algorithm of attack graph generation can not meet the needs of today's big data development,so that the efficiency of using the traditional attack graph algorithm is low,and can not be effectively put into large-scale production practice.At present,there are two main methods for automatic generation of attack graph: one is the automatic generation method of attack graph based on model detection technology,which requires reasonable improvement and optimization of model detection software.The improved model is complex,and the space-time complexity of generating attack graph is large;the other is based on graph theory,and the scale of attack graph generated by this method is often small,which can not meet the needs of the development of big data;the third is the construction method of distributed cluster parallel attack graph needs to be improved.The attack graph optimization algorithm proposed by foreign expert Ammann has better space-time complexity,but the modeling is complex and the representation efficiency on large-scale distributed cluster is not high.In this paper,the problem of attack graph is studied deeply,and the famous literature at home and abroad is studied.The theory of attack graph is systemically sorted out,and the risk assessment of network security is studied.The research work and innovation of this paper are as follows:1.This paper studies and compares all kinds of attack graphs,and proposes a hierarchical aggregation method of attack graph nodes,which can greatly reduce the number of nodes and the overall complexity of the model.On this basis,this paper also gives the visualization scheme of attack graph,and draws the attack graph with visualization tools.stage,attack graph modeling stage and attack graph core modeling stage.The content of each stage is studied and discussed in detail,and the feasible scheme of each step is given.2.In this paper,the generation process of attack graph is divided into reachability analysis stage,attack graph modeling stage and attack graph core modeling stage.The content of each stage is studied and discussed in detail,and the feasible scheme of each step is given.3.In this paper,web vulnerability scanning technology based on fingerprint features is used for web vulnerability scanning.The client server database is designed in detail for this scheme,and the feasibility is proved by experiments.This scheme can optimize the generation of attack map nodes.4.In this paper,a variety of attack path generation algorithms are studied,and an attack graph building algorithm based on Q-Learning reinforcement learning is proposed innovatively.In this paper,the overall flow of Q-learning algorithm is studied in detail,and then the algorithm and the generated attack graph are combined organically,the practicability of the algorithm is analyzed,and the experiment and analysis are given.The experiment shows that the algorithm is effective.