Title :
Recognizing Intrusive Intention and Assessing Threat Based on Attack Path Analysis
Author :
Peng Wu ; Yao Shuping ; Chen Junhua
Author_Institution :
Sch. of Mech. & Electron., Beijing Inst. of Technol., Beijing, China
Abstract :
Intention recognition is the ability to predict an opposing force´s high level goals. Knowing an attacker´s intention can support the decision-making of the network security administrators. Threat assessment based on intention analysis is an important part of network security situation awareness. So how to recognize attack intention and assess threat has become a research hot in network security domain recently. In this paper attack path graph generation algorithms at a different granularity is presented at first. Then the methods of intrusive intention recognition and threat assessment based on attack path analysis are proposed. Next in order to block an attacker´s intention to be achieved, the way to provide protective measures at minimum cost based on minimum vertex cut theory is addressed. Finally several experiments are done in a local network, and the results of the experiments prove the feasibility and validity of this method.
Keywords :
computer network security; graph theory; pattern recognition; attack path analysis; attack path graph generation algorithm; intention analysis; intrusive intention recognition; minimum vertex cut theory; network security administrators decision-making support; network security situation awareness; threat assessment; Artificial intelligence; Computer science; Costs; Data security; Decision making; Information analysis; Information security; Intrusion detection; Protection; Scalability; attack path graph; intention recognition; minimum cut set;
Conference_Titel :
Multimedia Information Networking and Security, 2009. MINES '09. International Conference on
Conference_Location :
Hubei
Print_ISBN :
978-0-7695-3843-3
Electronic_ISBN :
978-1-4244-5068-8
DOI :
10.1109/MINES.2009.108
