Tongxin xuebao (Feb 2023)
Research on network attack analysis method based on attack graph of absorbing Markov chain
Abstract
Existing intrusion path studies based on attack graph lack consideration of factors other than basic network environment information when calculating the state transition probability.In order to analyze the security of target network comprehensively and reasonably, a network attack analysis method based on attack graph of absorbing Markov chain was proposed.Firstly, a state transition probability normalization algorithm based on vulnerability life cycle was proposed based on attack graph.Secondly, the attack graph was mapped to the absorbing Markov chain and the state transition probability matrix was given.Finally, the state transition probability matrix was calculated to comprehensively analyze the node threat degree, attack path length and expected impact of the target network.The results show that the proposed method can effectively analyze the expected influence of node threat degree, attack path length and vulnerability life cycle on the whole network, which is helpful for security research personnel to better understand the security state of the network.