Computer Science, 2021, Vol. 48, Issue (6A): 468-476. doi: 10.11896/jsjkx.200900205

• Information Security •

Anti-target Attack Tree Model for Threat Detection

DU Jin-lian, SUN Peng-fei, JIN Xue-yun   

  1. Faculty of Information, Beijing University of Technology, Beijing 100023, China
  • Online:2021-06-10 Published:2021-06-17
  • About author: DU Jin-lian, born in 1972, Ph.D., associate professor, is a member of China Computer Federation. Her main research interests include software reliability and security requirement, text data analysis, and physical based simulation.
    JIN Xue-yun, born in 1972, lecturer. Her main research interest includes software automation.

Abstract: In recent years, the growing number of vulnerabilities, together with the continuous evolution of network intrusion methods and hacker techniques, has led to complex and diverse network attacks. However, the traditional attack tree model is difficult to construct automatically, and its quality depends heavily on the analyst's expertise. It also has shortcomings in expressing the relationship between attack intention and attack operation. To detect potential security threats to system assets with high quality and to support automatic detection, this paper proposes an anti-target attack tree model, and a method for constructing it, based on the attacker's intention. Starting from the attacker's intention, the model describes the attacker's attack process and target by iteratively decomposing the anti-target elements and expresses the result as an attack tree, so that the security problems of the system can be found efficiently. A formal description of the decomposition strategy of the anti-target attack tree model is given in the Datalog language, and inference rules are defined to support the automatic construction of the model and the automatic detection of attack risks. The proposed method is applied to real attack case scenarios for analysis, and the actual attack scenarios and potential security risks of the attacked system are successfully detected, which proves the effectiveness of the proposed method.

Key words: Automatic detection, Anti-target attack tree model, Attack strategy, Formal reasoning, Risk detection

CLC Number: TP309