APT Attack And Defense Tree Model Based On Analytic Hierarchy Process

Posted on:2020-01-25

Degree:Master

Type:Thesis

Country:China

Candidate:Y Fei

Full Text:PDF

GTID:2430330572975913

Subject:Management Science and Engineering

Abstract/Summary:

PDF Full Text Request

In recent years,the network environment is complex and changeable with the rapid development of computer network.APT attacks occur frequently,but the existing network attack models can not meet the analysis requirements of APT attacks and defense strategies.New models need to be studied and explored.Based on this,this paper carries out the following model on APT attack events:(1)ATP Attack Model Based on Analytic Hierarchy ProcessAPT attack model is an important means to analyze APT attack behavior.Most of the existing network attack modeling methods including attack language,attack tree,attack graph and other modeling methods.The model is single and not fully applicable to APT attacks.Based on this,a joint analysis method of APT attack tree model and APT attack path model is proposed.On the one hand,APT attack tree model is quantified by analytic hierarchy process(AHP).On the other hand,APT attack tree model and APT attack path model are correlated by "APT weight tree".Experiments show that the APT attack model is feasible in simulating and analyzing APT attacks.(2)APT Attack and Defense Model Based on Analytic Hierarchy ProcessAPT attack event analysis is not only the simulation and quantification of APT attack behavior,but also the analysis of defense strategy.Traditional network attack modeling often neglects the research of defense strategy.Based on this,an APT attack-defense tree model is proposed.On the one hand,the attack nodes are quantified by analytic hierarchy process(AHP),on the other hand,the impact factors are proposed to quantify the defense nodes,and evaluation indicators are defined.Different quantification methods based on APT attack tree model and APT attack path model are introduced,and the availability of the method is verified in experiments.This paper combines the analysis of APT attack events with the attack-defense tree model,and deeply studies the key technologies of model combination and quantification.Experiments show that the proposed model is reasonable and effective,and can provide support for APT attack modeling and quantitative analysis.

Keywords/Search Tags:

APT attack, attack and defense tree, AHP algorithm, Cyber-Kill-Chain

PDF Full Text Request

Related items

1	Research On The Invulnerablity And Dynamic Attack-defense Game Of Cyber Physical Power System
2	Research On Game Theory Based Cyber Attack-defense Strategies In Cyber Physical Power Systems
3	A Class Of Random Network Attack And Dynamic System Model And Its Threshold Properties
4	Vulnerability Of Complex Networks Under New Attack Strategies
5	GPS Spoofing Attack And Defense For PMU
6	Research On New Quantum Algorithm Attack Model Based On Symmetric Cryptosystem
7	Research On Security Estimation Of Cyber Physics Systems Based On Game Theory
8	Research On Effectiveness Evaluation Model Of Attack Defense Confrontation Of Submarine Formation
9	Security Research Of Hash Functions Based On Chaotic System
10	Research On Network Security Situation Based On Attack-defense Evolutionary Game