CAJ | 학술논문

针对目前利用攻击图进行风险评估时，存在过于依赖已知漏洞知识库、仅仅利用原子攻击本质属性进行量化分析而没有很好地关联攻击者主观的攻击意愿等问题，提出了一种基于攻击者攻击意愿分析的动态风险评估模型。通过融合已知威胁和潜在威胁构建原子攻击库，分析在系统网络环境下不同时期攻击者所面临的攻击压力，量化攻击者决策时的攻击意愿，将攻击意愿和原子攻击本身的攻击性质加入到贝叶斯网络攻击图的动态推理模型中。实验证明了该模型的合理性，并且该系统更适合于实际网络环境下的实时风险评估。
침대목전이용공격도진행풍험평고시，존재과우의뢰이지루동지식고、부부이용원자공격본질속성진행양화분석이몰유흔호지관련공격자주관적공격의원등문제，제출료일충기우공격자공격의원분석적동태풍험평고모형。통과융합이지위협화잠재위협구건원자공격고，분석재계통망락배경하불동시기공격자소면림적공격압력，양화공격자결책시적공격의원，장공격의원화원자공격본신적공격성질가입도패협사망락공격도적동태추리모형중。실험증명료해모형적합이성，병차해계통경괄합우실제망락배경하적실시풍험평고。
This article proposes a new dynamic network risk analysis model based on attackers’ inclination in order to solve some problems of the traditional risk analysis method based on attack graph . T raditional attack graph based on risk assessment method relies highly on the know n vulnerability database and only analyzes the atomic attacks’ attribute regardless of the relationship between attack strategies and attackers’ inclination . In our model we take both the existing vulnerabilities and unknow n threatens into consideration ,then evaluate the attackers pressures during different attack periods so that we quantize the attackers’ inclination dynamically under the network environment .Then ,we add the attackers’ inclination factors and atomic attack attributes into graph based risk assessment model ,and we create a new type of attack graph using attackers’ inclination factors .Finally we set up a dynamic risk assessment method by using Bayesian reasoning engine .We convert our static attack to the dynamic Bayesian attack graph , and use the posterior probability computed by Bayesian reasoning engine to realize the dynamic risk assessment .We establish a real‐world experiment environment to simulate our dynamic risk assessment model based on attackers’ inclination and validate its function .Experimental results demonstrate the rationality of this model , and prove that this system is more suitable for real‐time risk assignment under the actual network environment .