网络攻击模型研究综述

摘要/Abstract

摘要： 随着信息技术的快速发展，网络攻击逐渐呈现多阶段、分布式和智能化的特性，单一的防火墙、入侵检测系统等传统网络防御措施不能很好地保护开放环境下的网络系统安全。网络攻击模型作为一种攻击者视角的攻击场景表示，能够综合描述复杂多变环境下的网络攻击行为，是常用的网络攻击分析与应对工具之一。本文首先介绍主要网络攻击模型，包括传统树、图、网结构模型和现代杀伤链、ATT&CK、钻石模型等；然后再对网络攻击模型的分析与应用进行说明，其中以求解攻击指标为目的的分析过程主要包括概率框架、赋值方法和求解方法，基于生命周期的攻击模型应用则包括了攻击者视角和防守者视角的应用过程；最后总结了网络攻击模型及其分析应用的现有挑战与未来方向。

关键词: 网络系统安全, 攻击行为, 攻击模型, 攻击模型分析, 攻击模型应用

Abstract: With the rapid development of information technology, network attacks have gradually presented multi-stage, distributed and intelligent characteristics. Single firewalls, intrusion detection systems and other traditional network defense measures cannot well protect the network system security in an open environment. As a kind of attack scene representation from the attacker's perspective, the network attack model can comprehensively describe the network attack behavior in a complex and changeable environment, and is one of the commonly used network attack analysis and response tools. This paper first introduces the current main network attack models, including traditional trees, graphs, nets structure models and modern attack chains, ATT&CK, diamond models, etc. Then the analysis and application of network attack model will be explained. The analysis process for the purpose of solving the attack index mainly includes the probability framework, the assignment method and the solution method, and the application of the attack model based on the life cycle includes the application of the attackers and the defenders' perspective; Finally, the current challenges and future directions of the network attack model and its analysis and application are summarized.

Key words: network system security, attack behavior, attack model, analysis and application of attack model, application of attack model

平国楼叶晓俊. 网络攻击模型研究综述[J]. 信息安全研究, 2020, 6(12): 1058-1067.

参考文献

[1] 新华网. 国家信息中心联合瑞星发布《2019年中国网络安全报告》[EB/OL]. (2020-01-15)[2020-07-04]. http://www.xinhuanet.com/politic s/202001/15/ c_1125466263.htm [2] 深信服科技. 关于某黑客组织利用深信服SSL VPN设备漏洞事件的说明. [EB/OL]. (2020-04-07)[2020-07-04]. https://mp.weixin.qq.com/s /lKp_3kPNEycXqfCnVPxoDw [3] Schneier B . Attack Trees[J]. Doctor Dobbs Journal, 1999, 24(12): 21-29 [4] Phillips C, Swiler L P. A graph-based system for network-vulnerability analysis[C]//Proceedings of the 1998 workshop on New security paradigms. 1998: 71-79. [5] McDermott J P. Attack net penetration testing[C]//Proceedings of the 2000 workshop on New security paradigms. 2001: 15-21. [6] Hutchins E M, Cloppert M J, Amin R M. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains[J]. Leading Issues in Information Warfare & Security Research, 2011, 1(1): 80. [7] Strom B E, Applebaum A, Miller D P, et al. Mitre att&ck: Design and philosophy[J]. Technical report, 2018. [8] Caltagirone S, Pendergast A, Betz C. The diamond model of intrusion analysis[R]. Center For Cyber Intelligence Analysis and Threat Research Hanover Md, 2013. [9] Hong J B , Kim D S , Chung C J , et al. A survey on the usability and practical applications of Graphical Security Models[J]. Computer Science Review, 2017, 26(NOV.):1-16 [10代廷合. 一种基于攻击树的网络攻击模型[D]. 重庆: 重庆大学, 2008 [11] Barbara K, Sjouke M, Saša R, et al. Foundations of Attack–Defense Trees[C]// International Workshop on Formal Aspects in Security & Trust. Springer, Berlin, Heidelberg, 2010 [12]陈锋. 基于多目标攻击图的层次化网络安全风险评估方法研究[D]. 长沙:国防科学技术大学, 2009. [13] Jha S, Sheyner O, Wing J. Two formal analyses of attack graphs[C]//Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15. IEEE, 2002: 49-63. [14] Kordy B, Piètre-Cambacédès L, Schweitzer P. DAG-based attack and defense modeling: Don’t miss the forest for the attack trees[J]. Computer science review, 2014, 13: 1-38. [15] Bezawada B, Ray I , Tiwary K . AGBuilder: An AI Tool for Automated Attack Graph Building, Analysis, and Refinement[M]// Data and Applications Security and Privacy XXXIII. Springer, Cham, 2019. [16] Kumar S, Spafford E H. A pattern matching model for misuse intrusion detection[J]. 1994 [17]高翔. 网络安全评估理论及其关键技术研究. [D]. 郑州:解放军信息工程大学, 2014 [18] Steffan J, Schumacher M. Collaborative attack modeling[C]// Proceedi ngs of the 2002 ACM symposium on Applied computing. 2002: 253-259. [19]黄光球, 白璐. 基于对象 Petri 网的信任攻击建模与分析[J]. 系统仿真学报, 2017, 29(8): 1702-1711 [20] Wu X Y , Wu X Y . Extended object-oriented Petri net model for mission reliability simulation of repairable PMS with common cause failures[J]. Reliability Engineering & System Safety, 2015, 136(apr.):109-119 [21] Messaoud B I D, Guennoun K, Wahbi M, et al. Advanced Persistent Threat: New analysis driven by life cycle phases and their challenges[C]//2016 International Conference on Advanced Communication Systems and Information Security (ACOSIS). IEEE, 2016: 1-6 [22] Duncan A, Creese S, Goldsmith M. A Combined Attack-Tree and Kill-Chain Approach to Designing Attack-Detection Strategies for Malicious Insiders in Cloud Computing[C]//2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). IEEE, 2019: 1-9 [23] 李汶娟, 张琳琳, 赵楷, 等. 基于攻击树与 Petri 网的软件安全关注点建模[J]. 现代计算机: 中旬刊, 2014 (6): 37-42. [24]程凯歌. 基于攻击图和 Petri 网的网络攻击模型研究[D]. 西安: 西安建筑科技大学, 2010 [25]胡浩,刘玉岭,张玉臣,张红旗. 基于攻击图的网络安全度量研究综述[J].网络与信息安全学报,2018,4(09):1-16 [26] Qin X, Lee W. Attack plan recognition and prediction using causal networks[C]//20th Annual Computer Security Applications Conference. IEEE, 2004: 370-379. [27] Poolsappasit N, Dewri R, Ray I. Dynamic security risk management using bayesian attack graphs[J]. IEEE Transactions on Dependable and Secure Computing, 2011, 9(1): 61-74. [28] Ghani H, Garcia J L, Petkov I, et al. User-centric security assessment of software configurations: A case study[C]//International Symposium on Engineering Secure Software and Systems. Springer, Cham, 2014: 196-212. [29] Chen Y, Boehm B W. Stakeholder value driven threat modeling for off the shelf based systems[C]//29th International Conference on Software Engineering (ICSE'07 Companion). IEEE, 2007: 91-92. [30] Khand P A. System level security modeling using attack trees[C]//2009 2nd International Conference on Computer, Control and Communicatio n. IEEE, 2009: 1-6. [31]陈锋, 张怡, 苏金树, 等. 攻击图的两种形式化分析[J]. 软件学报, 2010, 21(4): 838-848. [32] Ali H, Khan F A. Attributed multi-objective comprehensive learning particle swarm optimization for optimal security of networks[J]. Applied soft computing, 2013, 13(9): 3903-3921. [33]阚流星, 鲁鹏俊, 王丽娜, 等. 基于攻击树和 Agent 技术的攻击模型[J].计算机工程, 2003,29(18):80-81 [34]周伟, 王丽娜, 张焕国. 一种基于攻击树的网络攻击系统[J]. 计算机工程与应用, 2006,24:125-128 [35]虞霞. 基于攻击树和模糊层次分析法的网络攻击决策研究[D]. 重庆:重庆大学, 2010. [36] Sarraute C, Richarte G, Lucángeli Obes J. An algorithm to find optimal attack paths in nondeterministic scenarios[C]//Proceedings of the 4th ACM workshop on Security and artificial intelligence. 2011: 71-80 [37] Idika N , Bhargava B . Extending Attack Graph-Based Security Metrics and Aggregating Their Application[J]. IEEE Transactions on Dependable & Secure Computing, 2012, 9(1):0-85 [38]张继业,谢小权.基于攻击图的渗透测试模型的设计[J]. 计算机工程与设计,2004,06(26),1516-1518 [39] Tidwell T, Larson R, Fitch K, et al. Modeling internet attacks[C]//Proceedings of the 2001 IEEE Workshop on Information Assurance and security. United States Military Academy West Point, NY, 2001, 59. [40] Noel S, Robertson E, Jajodia S. Correlating intrusion events and building attack scenarios through attack graph distances[C]//20th Annual Computer Security Applications Conference. IEEE, 2004: 350-359. [41] Qin X, Lee W. Discovering novel attack strategies from INFOSEC alerts[C]//European Symposium on Research in Computer Security. Springer, Berlin, Heidelberg, 2004: 439-456. [42]王辉, 刘淑芬. 改进的最小攻击树攻击概率生成算法[J]. 吉林大学学報 (工学版), 2007, 37(5): 1142-1147. [43] Shameli-Sendi A, Ezzati-Jivan N, Jabbarifar M, et al. Intrusion response systems: survey and taxonomy[J]. Int. J. Comput. Sci. Netw. Secur, 2012, 12(1): 1-14.