Computer Science

Computer Science ›› 2023, Vol. 50 ›› Issue (9): 35-43.doi: 10.11896/jsjkx.230500025

• Data Security • Previous Articles     Next Articles

Hierarchical Task Network Planning Based Attack Path Discovery

WANG Zibo1, ZHANG Yaofang1, CHEN Yilu1, LIU Hongri1,2, WANG Bailing1, WANG Chonghua3   

  1. 1 School of Computer Science and Technology,Harbin Institute of Technology(Weihai),Weihai,Shandong 264209,China
    2 Weihai Cyberguard Technologies Co.Ltd,Weihai,Shandong 264209,China
    3 China Industrial Control Systems Cyber Emergency Response Team,Beijing 100040,China
  • Received:2023-05-05 Revised:2023-07-06 Online:2023-09-15 Published:2023-09-01
  • About author:WANG Zibo,born in 1992,postgra-duate.His main research interests include industrial Internet security and industrial control system security assessment.
    WANG Bailing,born in 1978,Ph.D,professor,Ph.D supervisor,is a member of China Computer Federation.His main research interests include cyber security,information content security and industrial Internet security.
  • Supported by:
    National Key R & D Program of China(2021YFB2012400).

PDF (PC)

2079

Abstract: Attack path discovery is a critical task for cyber asset security assessment.The existing artificial intelligence-based planning for attack path discovery method is favored by security practitioners due to its rich modeling language and complete planning algorithm,but its scalability problem cannot be ignored.For that reason,a hierarchical task network-based attack path method is proposed.Specifically,concerning the scalability problem,the proposed method is decomposed into the following three stages:first and foremost,focusing on undesirable attack path generation performance caused by expanding network scale,a multi-level K-way partitioning algorithm is introduced into the target topology; subsequently,focusing on the difficulty of domain problem description caused by complex discovery tasks,an attack path-oriented hierarchical task network is constructed with the combination of expert experiments; and finally,focusing on low attack path updating efficiency caused by demands on what-if security analysis,a maintenance scheme is designed for local information changes of assets.Experimental results show that the proposed method is suitable for attack path discovery in large-scale network which has an advantage over efficiency and scalability.

Key words: Artificial intelligence planning, Hierarchical task network, Multi-level K-way partitioning algorithm, Attack path discovery, Attack path extension

CLC Number: 

  • TP393
[1]LALLIE H S,DEBATTISTA K,BAL J.A review of attackgraph and attack tree visual syntax in cyber security[J].Computer Science Review,2020,35:100219-100259.
[2]ZENITANI K.Attack graph analysis:an explanatory guide[J].Computers & Security,2022,126:103081-103101.
[3]ZANG Y C,ZHU T Y,ZHU J H,et al.Domain-independent intelligent planning technology and its application to automated penetration testing oriented attack path discovery[J].Journal of Electronics & Information Technology,2020,42(9):2095-2107.
[4]OU X,GOVINDAVAJHALA S,APPEL A W.MulVAL:ALogic-based Network Security Analyzer[C]//USENIX security symposium.2005:113-128.
[5]INOKUCHI M,OHTA Y,KINOSHITA S,et al.Design procedure of knowledge base for practical attack graph generation[C]//Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security.2019:594-601.
[6]STAN O,BITTON R,EZRETS M,et al.Extending AttackGraphs to Represent Cyber-Attacks in Communication Protocols and Modern IT Networks[J].IEEE Transactions on Dependable and Secure Computing,2022,19(3):1936-1954.
[7]SAHA D.Extending logical attack graphs for efficient vulnerability analysis[C]//Proceedings of the 15th ACM Conference on Computer and Communications Security.2008:63-74.
[8]GHOSH N,GHOSH S K.A planner-based approach to generate and analyze minimal attack graph[J].Applied Intelligence,2012,36:369-390.
[9]GAO W L,ZHOU T Y,ZHU J H,et al.Network attack path discovery method based on bidirectional ant colony algorithm[J].Computer Science,2022,49(S1):516-522.
[10]BEZAWADA B,RAY I,TIWARY K.AGBuilder:an AI tool for automated attack graph building,analysis,and refinement[C]//IFIP Annual Conference on Data and Applications Security and Privacy.Cham:Springer,2019:23-42.
[11]KAYNAR K,SIVRIKAYA F.Distributed attack graph generation[J].IEEE Transactions on Dependable and Secure Computing,2015,13(5):519-532.
[12]CAO N,LV K,HU C.An attack graph generation method based on parallel computing[C]//Science of Cyber Security:First International Conference.Springer International Publishing,2018:34-48.
[13]LIU Y Z,CHEN Y Z,GUO K,et al.Distributed process mining and graph segmentation for network attack modeling [J].Journal of Chinese Mini-Micro Computer Systems,2020,41(8):1732-1740.
[14]SHAO T H,ZHANG H J,CHENG K,et al.Review of replanning in hierarchical task network [J].Journal of Systems Engineering and Electronics,2020,42(12):2833-2846.
[15]HERRMANN J,KHO J,UÇAR B,et al.Acyclic partitioning of large directed acyclic graphs[C]//2017 17th IEEE/ACM International Symposium on Cluster,Cloud and Grid Computing(CCGRID).IEEE,2017:371-380.
[16]CHEN F,ZHANG Y,SU J S,et al.Two Formal Analyses of Attack Graphs [J].Journal of Software,2010,21(4):838-848.
[17]Simple Hierarchical Ordered Planner(SHOP)[EB/OL].https://www.cs.umd.edu/projects/shop/.
[18]Fast Forward(FF) [EB/OL].https://fai.cs.uni-saarland.de/hoffmann/ff.html.
[19]SGPlan(Version 5.0)[EB/OL].https://wah.cse.cuhk.edu.hk/wah/programs/SGPlan/.
[20]Fast Downward(FD)[EB/OL].https://github.com/aibasel/downward.
[21]Partial Order Planning Forwards(POPF)(Version 2.0) [EB/OL].https://nms.kcl.ac.uk/planning/software/popf.html.
[22]Heavy-edge matching [EB/OL] https://github.com/loukasa/graph-coarsening.
[1] ZENG Qingwei, ZHANG Guomin, XING Changyou, SONG Lihua. Intelligent Attack Path Discovery Based on Hierarchical Reinforcement Learning [J]. Computer Science, 2023, 50(7): 308-316.
[2] GAO Wen-long, ZHOU Tian-yang, ZHU Jun-hu, ZHAO Zi-heng. Network Attack Path Discovery Method Based on Bidirectional Ant Colony Algorithm [J]. Computer Science, 2022, 49(6A): 516-522.
[3] LUO Jun-ren, ZHANG Wan-peng, LU Li-na, CHEN Jing. Survey on Online Adversarial Planning for Real-time Strategy Game [J]. Computer Science, 2022, 49(6): 287-296.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.