Research on Network Security Technology Based on Attack Graphs
Abstract
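With the rapid development of computer network technology, people's work and daily life have become increasingly dependent on the network, and many critical infrastructures closely tied to people's lives can no longer function without the support of information and communication technology. Our country is currently stepping up investment in and promotion of technologies such as the Internet of Things and cyber physical systems (CPS), which will inevitably bind people's lives even more tightly to the network. However, along with the growth of networks, an endless stream of computer viruses, worms, and more advanced hacker attack tools has brought great damage and threats to computer networks. Network security has become a problem that no country, company, or organization can ignore. At the same time, with globalized production and the growth of overseas outsourcing of software and hardware, checking the overall security of CPS systems faces more obstacles and unfavorable conditions.
     In this paper, we introduce attack graph theory to address the network security problems described above, and we build a prototype system for generating state attack graphs. Based on attack graph theory and the analytic hierarchy process (AHP), we propose the NodeRank algorithm for network security analysis and establish a vendor security evaluation model. We attempt to build a local vendor vulnerability database by crawling vulnerability data from online vulnerability databases such as osvdb. We then use the historical information in the crawled vulnerability data to evaluate vendor reputation, and finally use the NodeRank algorithm to judge the security and reliability of the CPS system.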
With the development of information technology, people can no longer live without the network. More and more critical infrastructure depends on information and communication technology, and at the same time our country is investing more money in the IoT (Internet of Things) and CPS (cyber physical systems), so that people's future lives will depend even more on the network. An increasing number of bugs, vulnerabilities, Trojan horses, and security incidents due to nefarious insiders and industrial espionage activities have been reported, and with the increasing complexity of CPS due to outsourcing and globalized manufacturing, it is by no means possible to guarantee the integrity of a modern CPS product through supplier screening alone. Cost and timing restrictions in building and managing critical infrastructure also turn technical testing that covers every product from every supplier into a formidable task.
     We introduce attack graphs to address the problems mentioned above. In this paper, we set up an attack graph generation system and collect vendors' vulnerability information from online vulnerability databases such as osvdb (Open Source Vulnerability Database). Based on attack graphs, we develop the NodeRank algorithm to analyze the integrity of CPS. With the help of a local vulnerability database that we built ourselves and the AHP (analytic hierarchy process) method, we propose a Supplier Trustworthy Value model to solve the problem.
