| In recent years,with the rapid development of information technology,security incidents such as information leakage have occurred frequently.Trojans,worms,and ransomware[1]on the Internet are complex,which pose a major threat to individuals,society,and the country.[2]Because of the transparency of the Internet,network attacks can be carried out at a very low cost.Attackers will use simple vulnerabilities as a springboard to gain access to sensitive user information and attack the network,so analyzing vulnerability exploitation behavior is urgent.The purpose of this paper is to establish a hazard assessment mechanism for combined use of multiple vulnerabilities through the formal analysis of the exploit process,and to mine its relevance,predict unknown vulnerabilities and respond in a timely manner.The research work of this article mainly includes the following aspects:(1)Aiming at the problem that it is difficult to model vulnerability exploitation and the attack process is too macroscopic,this paper proposes a fine-grained modeling method for vulnerability exploitation behavior.Researching the process of vulnerability exploitation and modeling based on Petri Net,conducting simulation on the model to verify its superiority in terms of time efficiency.In addition,the risk location of the model is located according to the conflict detection algorithm and defensive measures are taken.The modeling method in this article provides a new approach to the problem of difficulty in modeling traditional methods,making up for the macro shortcomings in describing the attack process.Finally,a qualitative analysis of the model is conducted to analyze the modeling advantages of this method and provide basic support for subsequent work.(2)Aiming at the problem that the traditional vulnerability hazard assessment method is single and can not evaluate the hazard of nested vulnerabilities,this paper proposes a hazard assessment method for combined utilization of nested vulnerabilities.Firstly,map the combined exploitation process of nested vulnerabilities to both network and system dimensions,and then combines the Common vulnerability Scoring system(Common Vulnerability Scoring System,CVSS)for 3D modeling.Finally,evaluate the harmfulness of each vulnerability in the model and explore the harm caused by the combination of vulnerabilities.Qualitative and quantitative analysis of vulnerability combination utilization was conducted through experiments.Through testing in common nested vulnerability combination utilization scenarios,it was found that hazard assessment can be conducted on common nested vulnerability combination utilization.(3)Aiming at the challenges of complex and variable vulnerability exploitation paths and passive vulnerability correlation analysis,this paper proposes a multiple vulnerability exploitability correlation mining method.Study the relationship between vulnerabilities and network services,and construct a macro micro graph model combining multiple vulnerability exploitation based on Petri Net.In this paper,Apriori algorithm is used to mine the association rules between vulnerability exploitation behaviors,and the influencing factors and interaction mechanism of vulnerability exploitation behaviors are explored from multiple perspectives.This article provides a new method for analyzing the passivity of the correlation between multiple vulnerabilities,which can mine unknown vulnerabilities based on the known correlation between vulnerabilities and improve system security. |
PDF Full Text Request