《计算机应用研究》|Application Research of Computers

Petri net-based method for generating APT attack models

Modeling method for advanced persistent threat based on Petri

Authors 杜镇宇, 刘方正, 李翼宏
Affiliation Electronic Confrontation Institute, National University of Defense Technology, Hefei 230037
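Article ID 1001-3695(2019)07-047-2134-09
DOI 10.19734/j.issn.1001-3695.2018.01.0041
Abstract Against the backdrop of a severe APT (advanced persistent threat) defense situation, and to address the problem that existing network attack modeling methods cannot reflect the attack characteristics of APT attacks, this paper establishes an APT attack model based on Petri nets. Using Petri nets, and based on the characteristics and life cycle of APT attacks, it first builds a basic Petri net model of APT attacks; it then designs and implements an algorithm for generating the APTPN (advanced persistent threat Petri nets) model of a specific APT attack. The algorithm can generate the complete attack path of a specific APT attack, and can detect and predict APT attacks. Experiments simulating the Aurora attack verified the effectiveness and correctness of the algorithm, which can also predict the attacker's next attack technique from the collected alert information.
Keywords Petri nets; APT; APTPN; modeling; attack path
Funding National Natural Science Foundation of China (U1636201)
Article URL http://www.arocmag.com/article/01-2019-07-047.html
English title Modeling method for advanced persistent threat based on Petri
Authors (English) Du Zhenyu, Liu Fangzheng, Li Yihong
Affiliation (English) Electronic Confrontation Institute, National University of Defense Technology, Hefei 230037, China
English abstract Against the background of a severe APT attack defense situation, and aiming at the fact that existing network attack modeling methods cannot reflect the attack features of APT attacks, this paper established an APT attack model based on Petri nets. With Petri nets, it first established the basic Petri net model of APT attacks according to the characteristics and life cycle of APT attacks. Then, it designed and implemented the algorithm of generating the APTPN model to generate the complete attack path of a specific APT attack. Finally, experiments verify the effectiveness and correctness of the algorithm by simulating the Aurora attack.
English keywords Petri nets; APT; APTPN; modeling; attack path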
Received 2018/1/24
Revised 2018/3/9
Pages 2134-2142
CLC number TP309.2
Document code A