Approach to Security Attack Pattern Networks on the Basis of Bayesian Networks
APPLIED MATHEMATICS & INFORMATION SCIENCES(2013)
摘要
Researchers are becoming more and more interested in the security issues of software engineering. It will effectively reduce the cost of development and maintenance in order to detect and predict security threats. In this paper, attack patterns are analysed in the field of software engineering, and Bayesian Networks is applied to construct attack networks topology, to find the dependencies of attack patterns. It helps to find the vulnerable points, locate the path of security threats effectively, and predict probable attacks reasonably. We use multi-variant statistical analysis for the attack networks, and factor analysis is applied to reduce the relevance. In Dirichlet distribution, the state transition distribution of each attack node is calculated to detect and predict the security threats. In order to verify the effectiveness and robustness of the approach, buffer flow is chosen as the analysis domain, and 14 attack patterns are selected for the experiments. It shows that attack patterns are effectively modelled based on Bayesian Networks and potential attack patterns are discovered, while threats are predicted and located accurately.
更多查看译文
关键词
Bayesian Networks,Attack Pattern Networks,Attack Path
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络