Computer Science

Computer Science ›› 2019, Vol. 46 ›› Issue (12): 165-173.doi: 10.11896/jsjkx.190400092

• Information Security • Previous Articles     Next Articles

Extended Attack Graph Generation Method Based on Knowledge Graph

YE Zi-wei, GUO Yuan-bo, LI Tao, JU An-kang   

  1. (The Third Institute,Information Engineering University,Zhengzhou 450001,China)
  • Received:2019-04-17 Online:2019-12-15 Published:2019-12-17

PDF (PC)

2620

Abstract: Existing attack graph generation and analysis techniques mainly depend on vulnerability scores.External factors such as hardware and software cann’t be considered to judge their impact and correct vulnerability scores.As a result,generated attack graph is difficult to accurately reflect the real risk of nodes and attack paths.Information extraction and knowledge reasoning in knowledge graph technique are effective means to integrate vulnerability information acquired by multiple sources,and can be used to calculate the risk of nodes and attack paths more accurately in the network.Firstly,knowledge graph based on atomic attack ontology is designed to extend the input and display information of attack graph.Then,an extended attack graph generation framework based on knowledge graph is proposed.On this basis,the attack graph generation algorithm and calculation of attack success rate and attack profit are given,so as to achieve a more comprehensive and accurate evaluation of vulnerabilities.Finally,experimental results verify the effectiveness of proposed method.

Key words: Attack graph, Attack profit, Attack success rate, Knowledge graph, Risk assessment

CLC Number: 

  • TP393
[1]JHA S,SHEYNER O,WING J.Two formal analyses of attack graphs[C]//Proceedings 15th IEEE Computer Security Foundations Workshop(CSFW-15).IEEE,2002:49-63.
[2]SHEYNER O,HAINES J,JHA S,et al.Automated generation and analysis of attack graphs[C]//IEEE Symposium on Security and Privacy.IEEE,2002:273-284.
[3]WANG L,NOEL S,JAJODIA S.Minimum-cost network harde- ning using attack graphs [J].Computer Communications,2006,29(18):3812-3824.
[4]CHEN F,MAO H D,ZHANG W M,et al.Survey of attack graph technique [J].Computer Science,2011,38(11):12-18.(in Chinese)
陈铎,毛捍东,张维明,等.攻击图技术研究进展[J].计算机科学,2011,38(11):12-18.
[5]WANG S,ZHANG Z,KADOBAYASHI Y.Exploring attack graph for cost-benefit security hardening:a probabilistic approach[J].Computers & Security,2013,32(1):158-169.
[6]HONG J,KIM D S.Harms:hierarchical attack representation models for network security analysis[C]//The 10th Australian Information Security Management Conference.Western Australia,2012:1-8.
[7]KOTENKO I,STEPASHKIN M.Attack graph based evaluation of network security[C]//IFIP International Conference on Communications and Multimedia Security.Springer Berlin Heidelberg,2006:216-227.
[8]WANG L,ISLAM T,LONG T,et al.An attack graph-based probabilistic security metric[C]//IFIP Annual Conference on Data and Applications Security and Privacy.Springer Berlin Heidelberg,2008:283-296.
[9]LIU Q,ZHANG Y.VRSS:A new system for rating and scoring vulnerabilities[J].Computer Communications,2011,34(3):264-273.
[10]LEI K,ZHANG Y,WU C.A system for scoring the exploitability of vulnerability based types [J].Journal of Computer Research and Development,2017,54(10):2296-2309.
[11]LIAO D,ZHOU M,LIU D,et al.Assessment method of automatic optimizing CVSS v2.0 vulnerability indicators [J].Computer Engineering and Applications,2015,51(2):103-107.
[12]OU X,BOYER W F,MCQUEEN M A.A scalable approach to attack graph generation[C]//The 13th ACM Conference on Computer and Communications Security.ACM,2006:336-345.
[13]RICK V H.A framework for the motivation of attackers in attack tree analysis [D].Holland,Delft:Delft University of Technology,2015.
[14]WANG L,JAJODIA S,SINGHAL A,et al.k-Zero day safety:measuring the security risk of networks against unknown attacks[J].Lecture Notes in Computer Science,2010,11(1):573-587.
[15]WANG L,JAJODIA S,SINGHAL A,et al.k-Zero day safety:a network security metric for measuring the risk of unknown vulnerabilities[J].IEEE Transactions on Dependable & Secure Computing,2014,11(1):30-44.
[16]WANG L,ZHANG M,JAJODIA S,et al.Modeling network diversity for evaluating the robustness of networks against zero-day attacks[C]//European Symposium on Research in ComputerSecurity.Springer International Publishing,2014:494-511.
[17]ZHANG M,WANG L,JAJODIA S,et al.Network diversity:a security metric for evaluating the resilience of networks against zero-day attacks[J].IEEE Transactions on Information Forensics & Security,2016,11(5):1071-1086.
[18]FADLALLAH A,SBEITY H,MALLI M,et al.Application of attack graphs in intrusion detection systems:an implementation[J].International Journal of Computer Networks,2016,8(1):1-12.
[19]AHMADINEJAD S H,JALILI S,ABADI M.A hybrid model for correlating alerts of known and unknown attack scenarios and updating attack graphs[J].Computer Networks,2011,55(9):2221-2240.
[20]LIU W X,ZHENG K F,WU B,et al.Alert processing based on attack graph and multi-source analyzing[J].Journal on Communications,2015,36(9):135-144.
[21]WU Y B,YANG F,LAI G H,et al.Research progress of know- ledge graph learning and reasoning[J].Journal of Chinese Mini-Micro Computer Systems,2016,37(9):2007-2013.(in Chinese)
吴运兵,杨帆,赖国华,等.知识图谱学习和推理研究进展[J].小型微型计算机系统,2016,37(9):2007-2013.
[22]LI H,WANG Y,CAO Y.Searching forward complete attack graph generation algorithm based on hypergraph partitioning[J].Procedia Computer Science,2017,107(5):27-38.
[23]PIETERS W,DAVARYNEJAD M.Calculating adversarial risk from attack trees:Control strength and probabilistic attackers[M]//Data Privacy Management,Autonomous Spontaneous Security,and Security Assurance.Springer International Publishing,2015:201-215.
[24]ZHANG S J,LI J H,SONG S S,et al.Using Bayesian inference for computing attack graph node beliefs[J].Journal of Software,2010,21(9):2376-2386.
[25]FRIGAULT M,WANG L.Measuring network security using Bayesian network-based attack graphs[C]//The 3rd IEEE International Workshop on Security,Trust,and Privacy for Software Applications.IEEE,2008:698-703.
[26]POOLSAPPASIT N,DEWRI R,RAY I.Dynamic security risk management using bayesian attack graphs[J].IEEE Transactions on Dependable & Secure Computing,2011,9(1):61-74.
[27]FANG Y,YIN X C,LI J Z.Research of quantitative network security assessment based on Bayesian-attack graphs[J].Application Research of Computers,2013,30(9):2763-2766.
[28]MIEHLING E,RASOULI M,TENEKETZIS D.Optimal de- fense policies for partially observable spreading processes on Bayesian attack graphs[C]//The Second ACM Workshop on Moving Target Defense.ACM,2015:67-76.
[29]DURKOTA K,LISY V,BOSANSKY B,et al.Optimal network security hardening using attack graph games[C]//Twenty-Fourth International Joint Conference on Artificial Intelligence.2015:7-14.
[30]ABRAHAM S,NAIR S.Predictive cyber security analytics framework:a non-homogenous markov model for security quantification[J].Journal of Communications,2014,12(9):899-907.
[31]JIA Y,QI Y,SHANG H,et al.A practical approach to constructing a knowledge graph for cybersecurity[J].Engineering,2018,4(1):53-60.
[32]LIANG Z,ZHOU J K,ZHU H,et al.Research on Aggregation Technology for Information Security Knowledge Based on Security Ontology[J].Netinfo Security,2017,196(4):78-85.(in Chinese)
梁中,周嘉坤,朱汉,等.基于安全本体的信息安全知识聚合技术研究[J].信息网络安全,2017,196(4):78-85.
[33]IANNACONE M,BOHN S,NAKAMURA G,et al.Developing an ontology for cyber security knowledge graphs[C]//Cyber and Information Security Research Conference.ACM,2015:12.
[34]ASAMOAH C,TAO L,GAI K,et al.Powering filtration process of cyber security ecosystem using knowledge graph[C]//IEEE International Conference on Cyber Security and Cloud Computing.IEEE,2016:240-246.
[35]NADEAU D,SEKINE S.A survey of named entity recognition and classification[J].Lingvisticae Investigations,2007,30(1):3-26.
[36]LAO N,MITCHELL T,COHEN W W.Random walk inference and learning in a large scale knowledge base[C]//Conference on Empirical Methods in Natural Language Processing.2012:529-539.
[37]BENGIO Y,DUCHARME R,VINCENT P,et al.A neural probabilistic language model[J].Journal of Machine Learning Research,2003,3(2):1137-1155.
[38]MNIH A,HINTON G.Three new graphical models for statistical language modelling[C]//Proceedings of the24th International Conference on Machine Learning.ACM,2007:641-648.
[39]YE Z W,GUO Y B,WANG C D,et al.Survey on application of attack graph technology[J].Journal on Communications,2017,38(11):125-136.(in Chinese)
叶子维,郭渊博,王宸东,等.攻击图技术应用研究综述[J].通信学报,2017,38(11):125-136.
[40]CHEN X,FANG B,TAN Q.Inferring attack intent of malicious insider based on probabilistic attack graph model[J].Chinese Journal of Computers,2014,37(1):62-72.
[41]TANJA B,MARCOS K,HEIKO S,et al.Using natural lan- guage processing to enable in-depth analysis of clinical messages posted to an internet mailing sist:a feasibility study[J].Journal of Medical Internet Research,2011,13(4):e98.
[42]FINKEL J R,GRENAGER T,MANNING C.Incorporating non-local information into information extraction systems by Gibbs sampling[C]//Proceedings of the 43rd Annual Meeting of the Association for Computational Linguistics.Association for Computational Linguistics,2005:363-370.
[1] XU Yong-xin, ZHAO Jun-feng, WANG Ya-sha, XIE Bing, YANG Kai. Temporal Knowledge Graph Representation Learning [J]. Computer Science, 2022, 49(9): 162-171.
[2] RAO Zhi-shuang, JIA Zhen, ZHANG Fan, LI Tian-rui. Key-Value Relational Memory Networks for Question Answering over Knowledge Graph [J]. Computer Science, 2022, 49(9): 202-207.
[3] WU Zi-yi, LI Shao-mei, JIANG Meng-han, ZHANG Jian-peng. Ontology Alignment Method Based on Self-attention [J]. Computer Science, 2022, 49(9): 215-220.
[4] KONG Shi-ming, FENG Yong, ZHANG Jia-yun. Multi-level Inheritance Influence Calculation and Generalization Based on Knowledge Graph [J]. Computer Science, 2022, 49(9): 221-227.
[5] LIU Jie-ling, LING Xiao-bo, ZHANG Lei, WANG Bo, WANG Zhi-liang, LI Zi-mu, ZHANG Hui, YANG Jia-hai, WU Cheng-nan. Network Security Risk Assessment Framework Based on Tactical Correlation [J]. Computer Science, 2022, 49(9): 306-311.
[6] QIN Qi-qi, ZHANG Yue-qin, WANG Run-ze, ZHANG Ze-hua. Hierarchical Granulation Recommendation Method Based on Knowledge Graph [J]. Computer Science, 2022, 49(8): 64-69.
[7] WANG Jie, LI Xiao-nan, LI Guan-yu. Adaptive Attention-based Knowledge Graph Completion [J]. Computer Science, 2022, 49(7): 204-211.
[8] MA Rui-xin, LI Ze-yang, CHEN Zhi-kui, ZHAO Liang. Review of Reasoning on Knowledge Graph [J]. Computer Science, 2022, 49(6A): 74-85.
[9] DENG Kai, YANG Pin, LI Yi-zhou, YANG Xing, ZENG Fan-rui, ZHANG Zhen-yu. Fast and Transmissible Domain Knowledge Graph Construction Method [J]. Computer Science, 2022, 49(6A): 100-108.
[10] DU Xiao-ming, YUAN Qing-bo, YANG Fan, YAO Yi, JIANG Xiang. Construction of Named Entity Recognition Corpus in Field of Military Command and Control Support [J]. Computer Science, 2022, 49(6A): 133-139.
[11] XIONG Zhong-min, SHU Gui-wen, GUO Huai-yu. Graph Neural Network Recommendation Model Integrating User Preferences [J]. Computer Science, 2022, 49(6): 165-171.
[12] ZHONG Jiang, YIN Hong, ZHANG Jian. Academic Knowledge Graph-based Research for Auxiliary Innovation Technology [J]. Computer Science, 2022, 49(5): 194-199.
[13] LI Jia-rui, LING Xiao-bo, LI Chen-xi, LI Zi-mu, YANG Jia-hai, ZHANG Lei, WU Cheng-nan. Dynamic Network Security Analysis Based on Bayesian Attack Graphs [J]. Computer Science, 2022, 49(3): 62-69.
[14] LIANG Jing-ru, E Hai-hong, Song Mei-na. Method of Domain Knowledge Graph Construction Based on Property Graph Model [J]. Computer Science, 2022, 49(2): 174-181.
[15] LI Jia-ming, ZHAO Kuo, QU Ting, LIU Xiao-xiang. Research and Analysis of Blockchain Internet of Things Based on Knowledge Graph [J]. Computer Science, 2021, 48(6A): 563-567.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: [email protected]
Powered by Beijing Magtech Co., Ltd.