文章基本信息

标题：A Novel Attack Graph Posterior Inference Model Based on Bayesian Network
本地全文：下载
作者：Shaojun Zhang ; Shanshan Song
期刊名称：Journal of Information Security
印刷版ISSN：2153-1234
电子版ISSN：2153-1242
出版年度：2011
卷号：2
期号：1
页码：8-27
DOI：10.4236/jis.2011.21002
出版社：Scientific Research Publishing
摘要：Network attack graphs are originally used to evaluate what the worst security state is when a concerned net-work is under attack. Combined with intrusion evidence such like IDS alerts, attack graphs can be further used to perform security state posterior inference (i.e. inference based on observation experience). In this area, Bayesian network is an ideal mathematic tool, however it can not be directly applied for the following three reasons: 1) in a network attack graph, there may exist directed cycles which are never permitted in a Bayesian network, 2) there may exist temporal partial ordering relations among intrusion evidence that can-not be easily modeled in a Bayesian network, and 3) just one Bayesian network cannot be used to infer both the current and the future security state of a network. In this work, we improve an approximate Bayesian posterior inference algorithm–the likelihood-weighting algorithm to resolve the above obstacles. We give out all the pseudocodes of the algorithm and use several examples to demonstrate its benefit. Based on this, we further propose a network security assessment and enhancement method along with a small network scenario to exemplify its usage.
关键词：Network Security; Attack Graph; Posterior Inference; Bayesian Network; Likelihood-Weighting