网络与信息安全学报 (Feb 2021)

Two-layer threat analysis model integrating macro and micro

  • SUN Cheng, HU Hao, YANG Yingjie, ZHANG Hongqi

DOI
https://doi.org/10.11959/j.issn.2096−109x.2021015
Journal volume & issue
Vol. 7, no. 1
pp. 143 – 156

Abstract

Read online

The existing threat analysis models failed to comprehensively analyze the propagation of advanced security threats integrating the threat development trend and propagation path. In order to solve the problem, a two-layer threat analysis model named TL-TAM was established. The upper layer of the model depicted the threat development trend. The lower layer depicted the threat propagation path considering social engineering and networks can. Based on the model, prediction algorithm of threat development was proposed. The experimental result shows that the model can comprehensively analyze the threat propagation at multiple levels, overcome the defect that the threat analysis model based on attack graph is limited to technical vulnerability attack, and is more suitable for dynamic tracking analysis of advanced security threats.

Keywords