level里面放置的主要是攻击者尝试利用系统的弱点以进.pptVIP

A Structural Framework for Modeling Multi-Stage Network Attacks Daley, Larson, Dawkins University of Tulsa 2002 IEEE Outline Introduction Stratified Node Topology Attack Node Correlation Context Sensitive Nodes Example Attack Scenarios Applications Related Work Conclusions Introduction Attack trees represent goal-oriented attack behaviors multistage casual relationships between events or states “AND”, “OR” nodes can be weighted to reflect the likelihood of success for a particular attack Introduction (cont.) Disadvantage do not provide a comprehensive model for the analysis of network vulnerability Extended attack tree paradigm introduce functionality to allow for a comprehensive representation of attack stratified node topology event-level, state-level, top-level nodes Stratified Node Topology (SNT) Stratified Node Topology Three layers partition attack tree based on functionality and allow for a more precise portrayal of the mechanics of an attack. Event-Level direct activities of an attacker nodes correspond directly to intrusion detection system alerts Stratified Node Topology (cont.) State-Level generalized intermediate objectives in an attack conceptual steps (abstract goals) fairly constant ex: “execute arbitrary code”, “modify protected file” Top-Level ultimate intentions of an attacker top-level nodes may also be starting points for other attacks Attack Node Correlation relationship between nodes implicit link allow individual nodes in the tree to imply another node ex: perform a buffer overflow exploit to execute arbitrary code explicit link when an attack provides a capability to execute additional nodes but does not actually invoke an instance of a new node ex: obtain root access, next to compromise additional systems or steal information Context Sensitive Nodes Assign parameter values to attack node bound the search space of attacks reduce the likelihood of false positives Example Attack Scenarios Example Attack Scenarios (cont.) The composable goal-or