基于主机攻击图的网络安全性研究
|
摘要
随着计算机技术和网络应用的不断深入和发展,网络安全和管理已经成为制约国家和企业安全稳定发展的重要因素。如何对网络安全性进行分析,从而制定出有效可行的的网络安全策略,成为了国内外专家和学者所关注的重要课题。网络攻击图能反映网络中漏洞之间的相互利用关系,是进行网络安全性分析的有效工具,因此,许多国家和地区的政府及工业界都非常重视对网络攻击图的研究。上述研究为政府及企业网络的安全和稳定运行、国家机密及个人信息的安全和保密提供了重要的保障。
本文主要围绕主机攻击图自身的生成及其在网络安全性分析中的应用而展开探讨和研究。论文的主要研究内容及创新体现在以下几个方面:
(1)提出了主机攻击图的生成模型和算法。通过借鉴攻击模式的思想,将攻击模式进一步抽象,并以之构建以主机为中心的攻击规则库;另一方面引入模型设计的思想和正态分布函数来计算攻击发生的难易程度,并以之作为攻击规则的权值。结合所构建的攻击规则,提出了主机攻击图的生成模型和算法。该模型和算法有良好的时空复杂度,生成的攻击图规模比以往的模型和算法所生成的攻击图小。
(2)提出了3类关键主机的概念。通过对网络中攻击行为进行分析,发现网络中某些主机自身的安全性对网络整体的安全性存在重大的影响,对这些主机给网络整体安全性造成的影响进行了分类,提出了3类关键主机的概念。关键主机为网络安全性分析提供了一个切入点;也为网络安全管理员制定有效的安全策略提供了依据。
(3)提出了全网主机攻击图的生成模型和算法,并在此基础上进一步提出了基于全网主机攻击图对目标网络进行整体安全性分析和寻找网络中关键主机的方法。通过对全网主机攻击图中主机节点的出度和入度分析,能计算反映网络整体安全性的攻击分布密度,确定网络所处的安全级别,并找出网络中的第1类关键主机和第2类关键主机;而分别对网络中各主机进行临界条件满足前后攻击力变化的计算,则能有效找出网络中的第3类关键主机和关键临界条件。
(4)提出了主机安全组的定义及划分方法,给出了基于主机安全组对目标网络进行整体安全性分析和寻找关键主机的方法。通过研究网络中主机的分组情况,计算出主机安全组密度、主机安全耦合度等安全属性,能有效地确定网络所处的安全等级,并找出网络中的第1类和第2类关键主机。另外,对网络进行主机安全组的划分,可以使得对寻找第3类关键主机的考察范围限定在各主机分组的叶子主机节点上;而对应的临界条件引起网络安全性的变化则可用该临界条件对应的原子攻击中目标主机所在的主机安全组规模来衡量。
(5)提出了基于迭代矩阵对网络整体安全性进行分析并寻找关键主机的方法。给出了通过定义的操作函数将网络初始邻接矩阵迭代成最终的反映主机间攻击关系的迭代矩阵的方法。利用迭代矩阵计算迭代权值密度等安全属性,可以确定网络的安全等级;而计算和比较各主机的威胁系数、脆弱性系数、迭代权值和变化比,则能分别确定网络中的3类关键主机。特别地,在利用操作函数计算最终迭代矩阵的过程中,如果对各迭代矩阵中元素所对应的路径进行记录,则最终能得到主机间的最有效攻击路径。
With the continuous development of computer technology and network applications, network security management has already become an important factor that can restrict the security, stability and development of a country and its enterprises. How to develop feasible and effective security strategies by analyzing network security is a vital issue which is concerned by domestic and foreign experts and scholars. Since it is able to reflect the mutual use of vulnerabilities in network, network attack graph becomes an effective tool for analyzing network security. Many countries and regions attach great interests to the study of network attack graph, and many significant scientific achievements are made. It not only promotes the further development of science and technology, but also guarantees the safe and stable operation of government and enterprise networks, and protects the security and confidentiality of national and personal private information.
In order to develop more effective and convenient approaches to analyze network security, this dissertation researches on some issues about the generation of host-based attack graph and its applications in network security analysis. The main contributions and innovations are summarized as follows:
1) Attack rules are built by making further abstraction of attack patterns. Besides, theories of model design and normal distribution are introduced to calculate the difficulty value of an attack, which becomes the weight of the corresponding attack rule. Based on the attack rules, an approach of generating host-based network graph is put forward. It has good performance in time and space complexity, and the attack graphs it generates are much smaller than previous methods.
2) Having analyzed a large amount of attacks in network, it is found that the security of some hosts has particular significant influence to overall network security. Thus, the concept of key host is put forward. Further research shows that the influences caused by these key hosts are not exactly the same. Therefore, key hosts are classified into three types, and identification to each type is given independently. The key hosts in network bring a new perspective in analyzing network security and provid a basis for network security manager to develop effective security strategies.
3) Algorithm of generating host-based attack graph for overall network is proposed, followed with an approach of analyzing overall network security and finding key hosts through the attack graph it generates. By analyzing the out-degrees and in-degrees of nodes in attack graph for overall network, it is convenient to find out the first type of key hosts and the second type of key hosts, and it is able to calculate the distribution density of attacks, which reflects the overall network security situation and can be used to identify the security level. Obviously, the satisfaction of a critical-condition could cause changes in attack power of the corresponding host. Therefore, if these changes are calculated, it will be able to find out the third type of key hosts and the key critical-conditions.
4) The definition of host-security-group and its partitioning algorithm are proposed. Moreover, an approach to analyze overall network security and find out key hosts based on host-security-group is put forward. By analyzing the situation of partitioning, it not only be able to calculate the secure properties like the density of host-security-group and the coupling degree of host-security-group, which perfectly identifies the security level of target network, but also can find out the first type of key hosts of the second type of key hosts. To find out the third type of key hosts, it could just consider the leaves of each host-security-group, and the scale of host-security-group that contained the target host of an atomic attack can be taken as the changes of overall network security when a critical-condition is satisfied. Thus, the computational complexity is substantially reduced.
5) An approach of using iterative matrix to analyze overall network security and find out key hosts is proposed. Then, by using the defined operating function, the procedure of turning initial adjacency matrix into ultimate iterative matrix which reflects the relationship of attacks between hosts is described. It is easy to identify the security level of network through the density of iterative weight and other secure properties. Besides, by calculating and comparing the coefficient of threat, coefficient of vulnerability, and changing ratio of total iterative weights, it is able to identify the three types of key hosts respectively. In particular, if the corresponding routes of each element are marked down while calculating the iterative matrixes, then the most effective attack paths between each host will be found.
本文主要围绕主机攻击图自身的生成及其在网络安全性分析中的应用而展开探讨和研究。论文的主要研究内容及创新体现在以下几个方面:
(1)提出了主机攻击图的生成模型和算法。通过借鉴攻击模式的思想,将攻击模式进一步抽象,并以之构建以主机为中心的攻击规则库;另一方面引入模型设计的思想和正态分布函数来计算攻击发生的难易程度,并以之作为攻击规则的权值。结合所构建的攻击规则,提出了主机攻击图的生成模型和算法。该模型和算法有良好的时空复杂度,生成的攻击图规模比以往的模型和算法所生成的攻击图小。
(2)提出了3类关键主机的概念。通过对网络中攻击行为进行分析,发现网络中某些主机自身的安全性对网络整体的安全性存在重大的影响,对这些主机给网络整体安全性造成的影响进行了分类,提出了3类关键主机的概念。关键主机为网络安全性分析提供了一个切入点;也为网络安全管理员制定有效的安全策略提供了依据。
(3)提出了全网主机攻击图的生成模型和算法,并在此基础上进一步提出了基于全网主机攻击图对目标网络进行整体安全性分析和寻找网络中关键主机的方法。通过对全网主机攻击图中主机节点的出度和入度分析,能计算反映网络整体安全性的攻击分布密度,确定网络所处的安全级别,并找出网络中的第1类关键主机和第2类关键主机;而分别对网络中各主机进行临界条件满足前后攻击力变化的计算,则能有效找出网络中的第3类关键主机和关键临界条件。
(4)提出了主机安全组的定义及划分方法,给出了基于主机安全组对目标网络进行整体安全性分析和寻找关键主机的方法。通过研究网络中主机的分组情况,计算出主机安全组密度、主机安全耦合度等安全属性,能有效地确定网络所处的安全等级,并找出网络中的第1类和第2类关键主机。另外,对网络进行主机安全组的划分,可以使得对寻找第3类关键主机的考察范围限定在各主机分组的叶子主机节点上;而对应的临界条件引起网络安全性的变化则可用该临界条件对应的原子攻击中目标主机所在的主机安全组规模来衡量。
(5)提出了基于迭代矩阵对网络整体安全性进行分析并寻找关键主机的方法。给出了通过定义的操作函数将网络初始邻接矩阵迭代成最终的反映主机间攻击关系的迭代矩阵的方法。利用迭代矩阵计算迭代权值密度等安全属性,可以确定网络的安全等级;而计算和比较各主机的威胁系数、脆弱性系数、迭代权值和变化比,则能分别确定网络中的3类关键主机。特别地,在利用操作函数计算最终迭代矩阵的过程中,如果对各迭代矩阵中元素所对应的路径进行记录,则最终能得到主机间的最有效攻击路径。
With the continuous development of computer technology and network applications, network security management has already become an important factor that can restrict the security, stability and development of a country and its enterprises. How to develop feasible and effective security strategies by analyzing network security is a vital issue which is concerned by domestic and foreign experts and scholars. Since it is able to reflect the mutual use of vulnerabilities in network, network attack graph becomes an effective tool for analyzing network security. Many countries and regions attach great interests to the study of network attack graph, and many significant scientific achievements are made. It not only promotes the further development of science and technology, but also guarantees the safe and stable operation of government and enterprise networks, and protects the security and confidentiality of national and personal private information.
In order to develop more effective and convenient approaches to analyze network security, this dissertation researches on some issues about the generation of host-based attack graph and its applications in network security analysis. The main contributions and innovations are summarized as follows:
1) Attack rules are built by making further abstraction of attack patterns. Besides, theories of model design and normal distribution are introduced to calculate the difficulty value of an attack, which becomes the weight of the corresponding attack rule. Based on the attack rules, an approach of generating host-based network graph is put forward. It has good performance in time and space complexity, and the attack graphs it generates are much smaller than previous methods.
2) Having analyzed a large amount of attacks in network, it is found that the security of some hosts has particular significant influence to overall network security. Thus, the concept of key host is put forward. Further research shows that the influences caused by these key hosts are not exactly the same. Therefore, key hosts are classified into three types, and identification to each type is given independently. The key hosts in network bring a new perspective in analyzing network security and provid a basis for network security manager to develop effective security strategies.
3) Algorithm of generating host-based attack graph for overall network is proposed, followed with an approach of analyzing overall network security and finding key hosts through the attack graph it generates. By analyzing the out-degrees and in-degrees of nodes in attack graph for overall network, it is convenient to find out the first type of key hosts and the second type of key hosts, and it is able to calculate the distribution density of attacks, which reflects the overall network security situation and can be used to identify the security level. Obviously, the satisfaction of a critical-condition could cause changes in attack power of the corresponding host. Therefore, if these changes are calculated, it will be able to find out the third type of key hosts and the key critical-conditions.
4) The definition of host-security-group and its partitioning algorithm are proposed. Moreover, an approach to analyze overall network security and find out key hosts based on host-security-group is put forward. By analyzing the situation of partitioning, it not only be able to calculate the secure properties like the density of host-security-group and the coupling degree of host-security-group, which perfectly identifies the security level of target network, but also can find out the first type of key hosts of the second type of key hosts. To find out the third type of key hosts, it could just consider the leaves of each host-security-group, and the scale of host-security-group that contained the target host of an atomic attack can be taken as the changes of overall network security when a critical-condition is satisfied. Thus, the computational complexity is substantially reduced.
5) An approach of using iterative matrix to analyze overall network security and find out key hosts is proposed. Then, by using the defined operating function, the procedure of turning initial adjacency matrix into ultimate iterative matrix which reflects the relationship of attacks between hosts is described. It is easy to identify the security level of network through the density of iterative weight and other secure properties. Besides, by calculating and comparing the coefficient of threat, coefficient of vulnerability, and changing ratio of total iterative weights, it is able to identify the three types of key hosts respectively. In particular, if the corresponding routes of each element are marked down while calculating the iterative matrixes, then the most effective attack paths between each host will be found.
引文
[1]王晓程,刘恩德,谢小权.攻击分类研究与分布式网络入侵检测系统.计算机研究与发展,2001,38(6):727-734.
[2]刘欣然.网络攻击分类技术综述.通信学报,2004,25(7):30-36.
[3]杨正飞.网络攻击分类及网络攻击系统模型研究.兰州大学硕士学位论文,2006.
[4]崔建清.基于攻击图的网络安全分析方法的研究.上海交通大学硕士学位论文,2008.
[5]杨义先,钮心忻.网络安全理论与技术.人民邮电出版社,2003.
[6]冯登国.网络安全原理与技术.科学出版社,2003.
[7]张领强.复杂攻击图的表现与优化技术研究.国防科学技术大学硕士学位论文,2009.
[8]苏华安,张怡.攻击图展示技术研究.现代电子技术,2010,第19期:94-96.
[9]陈锋,张怡,苏金树等.攻击图的两种形式化分析.软件学报,2010,21(4):838-848.
[10]Cunningham W H. Optimal Attack and Reinforcement of A Network. Journal of the ACM(JACM).1985.32(3):549-561.
[11]Dacier M. Deswarte Y. and Kaaniche M. Quantitive Assessment of Operational Security:Models and Tools.96493[R]. LAAS.1996.
[12]Ortalo R, Deswarte Y. and Kaaniche M. Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security. IEEE Transactions on Software Engineering,1999,25(05):633-650.
[13]Dacier M, and Deswarte Y. Privilege Graph:An Extension to the Tpyed Access Matrix Model. Lecture Notes in Computer Science,1994. Vol.875/1994: 319-334.
[14]Swiler L P. Phillips C. and Gaylor T. A Graph Based Network Vulnerability Analysis System. Technical Report SAND97-3010/1. Sandia National Laboratories. Albuquerque. New Mexico and Livermore. California.1998.
[15]Phillips C. and Swiler L P. A Graph-based System for Network Vulnerability Analysis. Proceedings of the 1998 workshop on New security paradigms Virginia, USA.1998. pp.71-79.
[16]Swiler L P. Phillips C. and Ellis D. Computer Attack Graph Generation Tool. Proceedings of the Second DARPA Information Survivability Conference & Exposition (DISCEX Ⅱ), Anaheim, California. USA.2001:307-321.
[17]Ritchey R. W, and Ammann P. Using Model Checking to Analyze Network Vulnerabilities. Proceedings of 2000 IEEE Computer Society Symposium on Security and Privacy, Oakland California. IEEE Computer Society,2000: 156-165.
[18]Tidwell T, Larson R, Fitch K, et al. Modeling Internet Attacks. Proceedings of the Second Annual IEEE SMC Information Assurance Workshop, United States Military Academy, West Point, New York. June 2001:IEEE Press, pp.54-59. 2001.
[19]Sheyner O. Jha S, Wing J, et al. Automated Generation and Analysis of Attack Graphs. IEEE Symposium on Security and Privacy. Oakland,California,2002.
[20]Jha S,Sheyner O, and Wing J. Two Formal Analyses of Attack Graphs. Proceedings of 15th IEEE Computer Security Foundations Workshop, Cape Breton. Nova Scotia, Canada. IEEE Computer Society,2002:49-63.
[21]Sheyner O. and Wing J. Tools for Generating and Analyzing Attack Graphs. Workshop on Formal Methods for Components and Objects. Tehran. Iran. 2004.
[22]Rieke R. Tool Based Formal Modelling. Analysis and Visualisation of Enterprise Network Vulnerabilities Utilising Attack Graph Exploration. U. E. Gattiker (Ed.). EICAR 2004 Conference CD-ROM:Best Paper Proceedings. Copenhagen. EICAR e.V.2004.
[23]Jajodia S. Noel S. and O'Berry B. Topological Analysis of Network Attack Vulnerability. Managing Cyber Threats:Issues. Approaches and Challenges. chapter 5. Kumar V, Srivastava J. and Lazarevic A. editors. Kluwer Academic Publisher. Boston. Massachusetts.2003.
[24]Noel S. Jajodia S. O'Berry B. et al. Efficient Minimum-Cost Network Hardening via Exploit Dependency Graphs. Proceedings of 19th Annual Computer Security Applications Conference. Las Vegas. Nevada.2003.
[25]Shahriari H R. and Jalili R. Modeling and Analyzing Network Vulnerabilities via A Logic-based Approach. Proceedings of the 2nd International Symposium of Telecommunications. Shiraz. Iran.2005:13-21.
[26]Shahriari H R. and Jalili R. Vulnerability Take Grant (VTG):An efficient approach to analyze network vulnerabilities. Computers & Security,2007. 26(5):349-360.
[27]Xinming Ou. A Logic-programming Approach to Network Security Analysis. PhD thesis, Princeton University.2005.
[28]Xinming Ou, Govindavajhala S. and Andrew W A. MulVAL:A Logic-based Network Security Analyzer. Porceedings of 14th USENIX Security Symposium, Baltimore, Maryland. USA.2005:113-128.
[29]Xinming Ou, Wayne F B. and Miles A M. A Scalable Approach to Attack Graph Generation. Proceedings of the 13th ACM conference on Computer and Communications Security,2006:336-345.
[30]Zhang Tao, Hu Ming-zeng, Li Dong, et al. An Effective Method to Generate Attack Graph. Proceedings of International Conference on Machine Learning and Cybernetics, Guangzhou. China,2005:3926-3931.
[31]张涛,胡铭曾,云晓春等.网络攻击图生成方法研究.高技术通讯,2006,16(4):348-352.
[32]张海霞,苏璞睿.冯登国.基于攻击能力增长的网络安全分析模型.计算机研究与发属2007,44(12):2012-2019.
[33]张海霞,连一峰,苏璞睿等.基于安全状态域的网络评估模型.软件学报.2009,20(2):451-461.
[34]Ammann P, Wijesekera D. and Kaushik S. Scalable, Graph-based Network Vulnerability Analysis. Proceedings of the 9th ACM Conference on Computer and Communications Security. New York. USA.2002:217-224.
[35]Noel S. and Jajodia S. Managing Attack Graph Complexity through Visual Hierarchical Aggregation. Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security. Washington DC. USA. 2004:109-118.
[36]Li W, and Vaughn R B. An Approach to Graph-based Modeling of Network Exploitations. Mississippi State University. Mississippi State. MS.2005.
[37]苘大鹏.周渊.杨武等.用于评估网络整体安全性的攻击图生成方法.通信学报.2009.30(3):l-5.
[38]苘大鹏.张冰,周渊等.一种深度优先的攻击图生成方法.吉林大学学报(工学版),2009,39(02):446-452.
[39]Daley K. Larson R. and Dawkins.J. A Structural Framework for Modeling Multi-stage Network Attacks. Proceedings of International Coference on Parallel Processing Workshops.2002:5-10.
[40]Dawkins J. and Hale J. A Systematic Approach to Multi-stage Network Attack Analysis. Proceedings of the second IEEE international Information Assurance Workshop. Charlotte. NC, USA,2004:48-56.
[41]Ritchey R W. Efficient Network Attack Graph Generation. PhD thesis, George Mason University,2007.
[42]卢静君,姚淑珍,黄河.基于主机中心模型的攻击图生成与分析方法.系统仿真学报,2009,20(增刊):190-193.
[43]Moore A P. Ellison R J, and Linger R C. Attack Modeling for Information Security and Survivability. Pittsburgh, PA:Software Engineering Institute, Carnegie Mellon University,2001.
[44]Gegick M. and Williams L. Matching Attack Patterns to Security Vulnerabilities in Software-Intensive System Designs. ACM SIGSOFT Software Engineering Notes, Proceedings of the 2005 workshop on Software engineering for secure systems-building trustworthy applications SESS'05, Volume 30. Issue 4. New York. NY:ACM Press.2005.
[45]Thormard O. and Dacier M. A Framework for Attack Patterns'Discovery in Honeynet Data. Digital Investigation, vol.8, pp. S128-S139.2008.
[46]Zhu Ying. Attack Pattern Discovery in Forensic Investigation of Network Attacks. IEEE Journal on Selected Areas in Communications,29(7).2011: 1349-1357.
[47]Zhang Lejun. Wang Wei. Guo Lin. et al. A Survivability Quantitative Analysis Model for Network System Based on Attack Graph. Proceedings of 2007 International Conference on Machine Learning and Cybernetics. Hong Kong. 2007:3211-3216.
[48]薄建业.基于攻击模式的攻击图生成技术研究.国防科学技术大学硕士学位论文,2009.
[49]赵豹,张怡,孟源.基于攻击模式的反向搜索攻击图生成算法.计算机工程与科学,2011,33(7):18-24.
[50]Sean Barnuin. and Amit Sethi. Introduction to Attack Patterns [EB/OL]. https://bui ldsecurityin.us-cert.gov/bsi/articles/knowledge/attack/585-BSI.html. 2011.
[51]CVE (Common Weakness Enumeration) [EB/OL]. http://cve.mitre.org/about/index.html.2011.
[52]Fernandez E. Pelaez J. and Petrie M L. Attack Patterns:A New Forensic and Design Tool. Advances in Digital Forensic.s Ⅲ. IFIP International Federation for Information Processing,2007. Vol.242/2007:345-357.
[53]Barnum S. and Sethi A. Attack Patterns as A Knowledge Resource for Buildig Secure Software. OMG Software Assurance Workshop:Cigital,2007.
[54]Engebretson P. Pauli J, and Streff K. Abstracting Parent Mitigations from the CAPEC Attack Pattern Dictionary. Proceedings of the 2008 International Coference on Security and Management (SAM 08). Las Vegas, NV, USA,2008: 245-250.
[55]CAPEC (Common Attack Pattern Enumeration and Classification) [EB/OL]. http://capec.mitre.org/about/index.html.2011.
[56]赵豹.基于攻击图的网络脆弱性分析技术研究.国防科学技术大学硕士学位论文,2009.
[57]马强.攻击图的设计与应用.中国科学技术大学硕士学位论文,2008.
[58]Graphviz-Graph Visualization Software [EB/OL]. http://www.graphviz.org/Home.php.2011.
[59]徐斌,王磊,陆月明等.网络拓扑信息提取的研究.微型机与应用,2000,19(4):29-30.
[60]维昭,刘强,韦卫等.多方位网络拓扑发现的通用算法与技术实现.计算机应用研究,2004,21(12):257-261.
[61]李玉碰,王换招,田海燕等.基于SNMP和Java的网络拓扑发现.计算机工程与应用,2004,24(7):152-154.
[62]周智,寇晓蕤,罗军勇.基于SNMP的远程网络拓扑发现方法.计算机应用,2006,26(4):961-962.
[63]Lippmann R. Ingols K. Scott C. et al. Validating and Restoring Defense in Depth Using Attack Graphs. Proceedings of 2006 Military Communications Conference. Washington, DC. USA.2006:1-10.
[64]Chen Fangfang. Wang Chunlu, Tian Zhihong. et al. An Atomic-Domains-Based Approach for Attack Graph Generation. Proceedings of International Conference on Computer Communications and Network Security,2009: 802-808.
[65]是灏,王轶骏,薛质.基于专家知识的攻击图生成方法.信息安全与通信保密,2011,第05期:88-90.
[66]Deraison R. The Nessus Project.http://www.nessus.org/. Nessus Open Source Vulnerability Scanner Project.2011.
[67]Zadeh I. A. Fuzzy Sets. Information and Control,1965.8(3):338-353.
[68]宋晓莉,余静,孙海传等.模糊综合评价法在风险计估中的应用.微计算祝信息.2006,22(12):71-79.
[69]王国玉,王会梅,陈志杰等.基于攻击图的计算机网络攻击建模方法.国防科技大学学报,2009,31(4):74-80.
[70]Debar H. Dacier M. and Wespi A. Towards A Taxonomy of Instrusion-detection Systems. Computer Networks,1999,31(8):805-822.
[71]Wenke L. and Stolfo S J. Data Mining Approaches for Intrusion Detection. Proceedings of the 7th USENIX Security Symposium. San Antonio. TX, USA, 1998:79-94.
[72]Wenke L. A Data Mining Framework for Building Instrusion Detection Models. Proceedings of the 1999 IEEE Symposium on Security and Privacy. Oakland, CA, USA.1999:120-132.
[73]Hofmeyr S A. Forrest S. and Somayaji A. Intrusion Detection Using Sequences of System Calls. Journal of Computer Security.1998.6(3):151-180.
[74]Ming-Yuh Huang. Jasper R J, and Wicks T M. A Large Scale Distributed Instrusion Detection Framework Based on Attack Strategy Analysis. Computer Networks.1999. Volume.31. Issues 23-24:2465-2475.
[75]Wespi A. Dacier M. and Debar H.Instrusion Detection Using Variable-Length Audit Trail Patterns. Lecture Notes in Computer Science.2000. Vol.1907/2000: 110-129.
[76]Portnoy L.Eskin E.and Stolfo S. Intrusion Detection with Unlabeled Data Using Clustering. Proceedings of ACM CSS Workshop on Data Mining Applied to Security. Philadelphia, PA, USA.2001.
[77]Cuppens F. and Miege A. Alert Correlation in A Cooperative Intrusion Detection Framework. Proceedings of the 2002 IEEE Symposium on Security and Privacy. Washington, DC. USA. IEEE Computer Society.2002:202-215.
[78]Ning P. and Xu D. Learning Attack Strategies from Intrusion Alerts. Proceedings of the 10th ACM Conference on Computer and Communications Security. New York,ACM Press,2003:200-209.
[79]Noel S. and Jajodia S. Attack Graphs for Sensor Placement. Alert Prioritization. and Attack Response. In Cyberspace Research Workshop.2007.
[80]Noel S. and Jajodia S. Optimal IDS Sensor Placement and Alert Prioritization Using Attack Graphs. Journal of Network and Systems Management.2008. 16(3):259-275.
[81]Roschke S,Feng Cheng, and Meinel C. Using Vulnerability Information and Attack Graphs for Intrusion Detection. Proceedings of the 6th International Conference on Information Assurance and Security. Atlanta. GA, USA,2010: 68-73.
[82]Wolthusen S D. Layered Multipoint Network Defense and Security Policy Enforcement. Proceedings of the 2nd Annual IEEE SMC Information Assurance Workshop, West Point, NY, USA,2001:100-108.
[83]Naldurg P. Developing Dynamic Security Policies. Proceedings of DARPA Active Networks Conference and Exposition. San Francisco, CA, USA,2002: 204-215.
[84]Naldurg P, and Campbell R H. Dynamic Access Control:Preserving Safety and Trust for Network Defense Operations. Proceedings of the 8th ACM symposium on access control models and technologies. Como. Italy.2003: 231-237.
[85]Jiang Y C. Xia Z Y, and Zhang S Y. A Novel Defense Model for Dynamic Topology Network Based on Mobile Agent. Microprocessors and Microsystems,29(6).2005:289-297.
[86]Ingols K. Lippmann R. and Piwowarski K. Practical Attack Graph Generation for Network Defense. Proceedings of 2006 Computer Security Applications Conference. Miami Beach. FL. USA.2006:121-130.
[87]Lei.lie. and Li Zhitang. Using Network Attack Graph to Predict the Future Attacks. Proceedings of the 2rd International Conference on Communications and Networking in China, Shanghai. China,2007:403-407.
[88]冯登国,张阳,张玉清.信息安全风险评估综述.通信学报,2004,25(7):10-18.
[89]Schechter K J S. How Much Is Enough? A Risk-Management Approach to Computer Security. PhD thesis, Stanford University. June 2000.
[90]Stoneburner G. Goguen A. and Feringa A. Risk Management Guide for Information Technology Systems:Recommendations of the National Institute of Standards and Technology. National Insitute of Standards and Technology(NIST) Special Publication 800-30.U.S. Government Printing Office. October 2001.
[91]Schechter S E. Computer Security Strength & Risk:A Quantitative Approach. PhD thesis. Harvard University.2004.
[92]Clark K. Tyree S. Daw kins J. et al. Qualitative and Quantitative Analytical Techniques for Network Security Assessment. Proceedings of the 2004 IEEE Workshop on Information Assurance, West Point, New York. USA.2004: 321-328.
[93]刘芳.信息系统安全评估理论及其关键技术研究.国防科学技术大学博士学位论文,2005.
[94]宋晓莉,王劲松.陈源.信息安全风险评估方法研究.网络安全技术与应用2006,第12期:67-69.
[95]Dantu R, Loper K, and Kolan P. Risk Management Using Behavior Based Attack Graphs. Proceedings of 2004 International Conference on Information Technology:Coding and Computing,2004:445-449.
[96]Kotenko l,and Stepashkin M. Attack Graph Based Evaluation of Network Security. Lecture Notes in Computer Science,2006, Volume 4237/2006: 216-227.
[97]Wang L, Singhal A. and Jajodia S. Toward Measuring Network Security Using Attack Graphs. Proceedings of the ACM workshop on Quality of Protection. Alexandria, Virginia. USA.2007:49-54.
[98]Gupta S, and Winstead J. Using Attack Graphs to Design Systems. Security & Privacy. IEEE Press.2007.5(4):80-83.
[99]Dowd P W. Network Security:It's Time to Take It Seriously. Computer.1998. 31(9):24-28.
[100]Vigna G. Valeur V. Zhou J. et al. Composable Tools for Network Discovery and Security Analysis. Proceedings of 18th Annual Conference on Computer Security and Applications. Las Vegas. NV. USA.2002:14-24.
[101]Noel S. O'Berry B. Hutchinson C. et al. Combinatorial Analysis of Network Security. Proceedings of the 16th Annual International Symposium on Aerospace/Defence Sensing, Simulation, and Controls, Orlando,Florida. USA. 2002:140-149.
[102]Jajodia S. and Noel S. Topological Vulnerability Analysis:A Powerful New Approach for Network Attack Prevention. Detection, and Response. Indian Statistical Institute Monograph Series. World Scientific Press.2007.
[103]Ghosh N. An Approach for Security Assessment of Network Configurations Using Attack Graph. Proceedings of the 1st International Conference on Networks and Communications. Chennai, India.2009:283-288.
[104]Zhang T, Hu M. Li D, et al. Generate Attack Graph for Network Security Analysis. Journal of Information and Computational Science.2005,2(3): 605-615.
[105]Chen F. and Su J S. A Flexible Approach to Measuring Network Security Using Attack Graphs. Proceedings of the International Symposium on Electronic Commerce and Security. Guangzhou, China,2008:426-431.
[106]Cormen T H. Leiserson C E, Rivest R L, et al. Section 22.1:Representations of graphs. Introduction to Algorithms. MIT Press and McGraw-Hill.2001: 527-531.
[107]Godsil C. and Royle G. Algebraic Graph Theory. New York:Springer.2001.
[108]屈婉玲,耿索云,张立昂等编著.离散数学.高等教育出版社,2008.
[109]Feller W. An Introduction to Probability Theory and Its Applications, Vol. 1,3rd Edition. Wiley Press,1968.
[110]Chow Y S. and Teicher H. Probability Theory:Independence, Interchangeability. Martingales, Third Edition. Springer Press,1997.
[111]Golub G. and Van Loan C. Matrix Computations (Third Edition). Johns Hopkins University Press.1996.
[112]Varga R S. Matrix Iterative Analysis (Springer Series in Computational Mathematics).2nd Edition. Springer Press.2000.
[2]刘欣然.网络攻击分类技术综述.通信学报,2004,25(7):30-36.
[3]杨正飞.网络攻击分类及网络攻击系统模型研究.兰州大学硕士学位论文,2006.
[4]崔建清.基于攻击图的网络安全分析方法的研究.上海交通大学硕士学位论文,2008.
[5]杨义先,钮心忻.网络安全理论与技术.人民邮电出版社,2003.
[6]冯登国.网络安全原理与技术.科学出版社,2003.
[7]张领强.复杂攻击图的表现与优化技术研究.国防科学技术大学硕士学位论文,2009.
[8]苏华安,张怡.攻击图展示技术研究.现代电子技术,2010,第19期:94-96.
[9]陈锋,张怡,苏金树等.攻击图的两种形式化分析.软件学报,2010,21(4):838-848.
[10]Cunningham W H. Optimal Attack and Reinforcement of A Network. Journal of the ACM(JACM).1985.32(3):549-561.
[11]Dacier M. Deswarte Y. and Kaaniche M. Quantitive Assessment of Operational Security:Models and Tools.96493[R]. LAAS.1996.
[12]Ortalo R, Deswarte Y. and Kaaniche M. Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security. IEEE Transactions on Software Engineering,1999,25(05):633-650.
[13]Dacier M, and Deswarte Y. Privilege Graph:An Extension to the Tpyed Access Matrix Model. Lecture Notes in Computer Science,1994. Vol.875/1994: 319-334.
[14]Swiler L P. Phillips C. and Gaylor T. A Graph Based Network Vulnerability Analysis System. Technical Report SAND97-3010/1. Sandia National Laboratories. Albuquerque. New Mexico and Livermore. California.1998.
[15]Phillips C. and Swiler L P. A Graph-based System for Network Vulnerability Analysis. Proceedings of the 1998 workshop on New security paradigms Virginia, USA.1998. pp.71-79.
[16]Swiler L P. Phillips C. and Ellis D. Computer Attack Graph Generation Tool. Proceedings of the Second DARPA Information Survivability Conference & Exposition (DISCEX Ⅱ), Anaheim, California. USA.2001:307-321.
[17]Ritchey R. W, and Ammann P. Using Model Checking to Analyze Network Vulnerabilities. Proceedings of 2000 IEEE Computer Society Symposium on Security and Privacy, Oakland California. IEEE Computer Society,2000: 156-165.
[18]Tidwell T, Larson R, Fitch K, et al. Modeling Internet Attacks. Proceedings of the Second Annual IEEE SMC Information Assurance Workshop, United States Military Academy, West Point, New York. June 2001:IEEE Press, pp.54-59. 2001.
[19]Sheyner O. Jha S, Wing J, et al. Automated Generation and Analysis of Attack Graphs. IEEE Symposium on Security and Privacy. Oakland,California,2002.
[20]Jha S,Sheyner O, and Wing J. Two Formal Analyses of Attack Graphs. Proceedings of 15th IEEE Computer Security Foundations Workshop, Cape Breton. Nova Scotia, Canada. IEEE Computer Society,2002:49-63.
[21]Sheyner O. and Wing J. Tools for Generating and Analyzing Attack Graphs. Workshop on Formal Methods for Components and Objects. Tehran. Iran. 2004.
[22]Rieke R. Tool Based Formal Modelling. Analysis and Visualisation of Enterprise Network Vulnerabilities Utilising Attack Graph Exploration. U. E. Gattiker (Ed.). EICAR 2004 Conference CD-ROM:Best Paper Proceedings. Copenhagen. EICAR e.V.2004.
[23]Jajodia S. Noel S. and O'Berry B. Topological Analysis of Network Attack Vulnerability. Managing Cyber Threats:Issues. Approaches and Challenges. chapter 5. Kumar V, Srivastava J. and Lazarevic A. editors. Kluwer Academic Publisher. Boston. Massachusetts.2003.
[24]Noel S. Jajodia S. O'Berry B. et al. Efficient Minimum-Cost Network Hardening via Exploit Dependency Graphs. Proceedings of 19th Annual Computer Security Applications Conference. Las Vegas. Nevada.2003.
[25]Shahriari H R. and Jalili R. Modeling and Analyzing Network Vulnerabilities via A Logic-based Approach. Proceedings of the 2nd International Symposium of Telecommunications. Shiraz. Iran.2005:13-21.
[26]Shahriari H R. and Jalili R. Vulnerability Take Grant (VTG):An efficient approach to analyze network vulnerabilities. Computers & Security,2007. 26(5):349-360.
[27]Xinming Ou. A Logic-programming Approach to Network Security Analysis. PhD thesis, Princeton University.2005.
[28]Xinming Ou, Govindavajhala S. and Andrew W A. MulVAL:A Logic-based Network Security Analyzer. Porceedings of 14th USENIX Security Symposium, Baltimore, Maryland. USA.2005:113-128.
[29]Xinming Ou, Wayne F B. and Miles A M. A Scalable Approach to Attack Graph Generation. Proceedings of the 13th ACM conference on Computer and Communications Security,2006:336-345.
[30]Zhang Tao, Hu Ming-zeng, Li Dong, et al. An Effective Method to Generate Attack Graph. Proceedings of International Conference on Machine Learning and Cybernetics, Guangzhou. China,2005:3926-3931.
[31]张涛,胡铭曾,云晓春等.网络攻击图生成方法研究.高技术通讯,2006,16(4):348-352.
[32]张海霞,苏璞睿.冯登国.基于攻击能力增长的网络安全分析模型.计算机研究与发属2007,44(12):2012-2019.
[33]张海霞,连一峰,苏璞睿等.基于安全状态域的网络评估模型.软件学报.2009,20(2):451-461.
[34]Ammann P, Wijesekera D. and Kaushik S. Scalable, Graph-based Network Vulnerability Analysis. Proceedings of the 9th ACM Conference on Computer and Communications Security. New York. USA.2002:217-224.
[35]Noel S. and Jajodia S. Managing Attack Graph Complexity through Visual Hierarchical Aggregation. Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security. Washington DC. USA. 2004:109-118.
[36]Li W, and Vaughn R B. An Approach to Graph-based Modeling of Network Exploitations. Mississippi State University. Mississippi State. MS.2005.
[37]苘大鹏.周渊.杨武等.用于评估网络整体安全性的攻击图生成方法.通信学报.2009.30(3):l-5.
[38]苘大鹏.张冰,周渊等.一种深度优先的攻击图生成方法.吉林大学学报(工学版),2009,39(02):446-452.
[39]Daley K. Larson R. and Dawkins.J. A Structural Framework for Modeling Multi-stage Network Attacks. Proceedings of International Coference on Parallel Processing Workshops.2002:5-10.
[40]Dawkins J. and Hale J. A Systematic Approach to Multi-stage Network Attack Analysis. Proceedings of the second IEEE international Information Assurance Workshop. Charlotte. NC, USA,2004:48-56.
[41]Ritchey R W. Efficient Network Attack Graph Generation. PhD thesis, George Mason University,2007.
[42]卢静君,姚淑珍,黄河.基于主机中心模型的攻击图生成与分析方法.系统仿真学报,2009,20(增刊):190-193.
[43]Moore A P. Ellison R J, and Linger R C. Attack Modeling for Information Security and Survivability. Pittsburgh, PA:Software Engineering Institute, Carnegie Mellon University,2001.
[44]Gegick M. and Williams L. Matching Attack Patterns to Security Vulnerabilities in Software-Intensive System Designs. ACM SIGSOFT Software Engineering Notes, Proceedings of the 2005 workshop on Software engineering for secure systems-building trustworthy applications SESS'05, Volume 30. Issue 4. New York. NY:ACM Press.2005.
[45]Thormard O. and Dacier M. A Framework for Attack Patterns'Discovery in Honeynet Data. Digital Investigation, vol.8, pp. S128-S139.2008.
[46]Zhu Ying. Attack Pattern Discovery in Forensic Investigation of Network Attacks. IEEE Journal on Selected Areas in Communications,29(7).2011: 1349-1357.
[47]Zhang Lejun. Wang Wei. Guo Lin. et al. A Survivability Quantitative Analysis Model for Network System Based on Attack Graph. Proceedings of 2007 International Conference on Machine Learning and Cybernetics. Hong Kong. 2007:3211-3216.
[48]薄建业.基于攻击模式的攻击图生成技术研究.国防科学技术大学硕士学位论文,2009.
[49]赵豹,张怡,孟源.基于攻击模式的反向搜索攻击图生成算法.计算机工程与科学,2011,33(7):18-24.
[50]Sean Barnuin. and Amit Sethi. Introduction to Attack Patterns [EB/OL]. https://bui ldsecurityin.us-cert.gov/bsi/articles/knowledge/attack/585-BSI.html. 2011.
[51]CVE (Common Weakness Enumeration) [EB/OL]. http://cve.mitre.org/about/index.html.2011.
[52]Fernandez E. Pelaez J. and Petrie M L. Attack Patterns:A New Forensic and Design Tool. Advances in Digital Forensic.s Ⅲ. IFIP International Federation for Information Processing,2007. Vol.242/2007:345-357.
[53]Barnum S. and Sethi A. Attack Patterns as A Knowledge Resource for Buildig Secure Software. OMG Software Assurance Workshop:Cigital,2007.
[54]Engebretson P. Pauli J, and Streff K. Abstracting Parent Mitigations from the CAPEC Attack Pattern Dictionary. Proceedings of the 2008 International Coference on Security and Management (SAM 08). Las Vegas, NV, USA,2008: 245-250.
[55]CAPEC (Common Attack Pattern Enumeration and Classification) [EB/OL]. http://capec.mitre.org/about/index.html.2011.
[56]赵豹.基于攻击图的网络脆弱性分析技术研究.国防科学技术大学硕士学位论文,2009.
[57]马强.攻击图的设计与应用.中国科学技术大学硕士学位论文,2008.
[58]Graphviz-Graph Visualization Software [EB/OL]. http://www.graphviz.org/Home.php.2011.
[59]徐斌,王磊,陆月明等.网络拓扑信息提取的研究.微型机与应用,2000,19(4):29-30.
[60]维昭,刘强,韦卫等.多方位网络拓扑发现的通用算法与技术实现.计算机应用研究,2004,21(12):257-261.
[61]李玉碰,王换招,田海燕等.基于SNMP和Java的网络拓扑发现.计算机工程与应用,2004,24(7):152-154.
[62]周智,寇晓蕤,罗军勇.基于SNMP的远程网络拓扑发现方法.计算机应用,2006,26(4):961-962.
[63]Lippmann R. Ingols K. Scott C. et al. Validating and Restoring Defense in Depth Using Attack Graphs. Proceedings of 2006 Military Communications Conference. Washington, DC. USA.2006:1-10.
[64]Chen Fangfang. Wang Chunlu, Tian Zhihong. et al. An Atomic-Domains-Based Approach for Attack Graph Generation. Proceedings of International Conference on Computer Communications and Network Security,2009: 802-808.
[65]是灏,王轶骏,薛质.基于专家知识的攻击图生成方法.信息安全与通信保密,2011,第05期:88-90.
[66]Deraison R. The Nessus Project.http://www.nessus.org/. Nessus Open Source Vulnerability Scanner Project.2011.
[67]Zadeh I. A. Fuzzy Sets. Information and Control,1965.8(3):338-353.
[68]宋晓莉,余静,孙海传等.模糊综合评价法在风险计估中的应用.微计算祝信息.2006,22(12):71-79.
[69]王国玉,王会梅,陈志杰等.基于攻击图的计算机网络攻击建模方法.国防科技大学学报,2009,31(4):74-80.
[70]Debar H. Dacier M. and Wespi A. Towards A Taxonomy of Instrusion-detection Systems. Computer Networks,1999,31(8):805-822.
[71]Wenke L. and Stolfo S J. Data Mining Approaches for Intrusion Detection. Proceedings of the 7th USENIX Security Symposium. San Antonio. TX, USA, 1998:79-94.
[72]Wenke L. A Data Mining Framework for Building Instrusion Detection Models. Proceedings of the 1999 IEEE Symposium on Security and Privacy. Oakland, CA, USA.1999:120-132.
[73]Hofmeyr S A. Forrest S. and Somayaji A. Intrusion Detection Using Sequences of System Calls. Journal of Computer Security.1998.6(3):151-180.
[74]Ming-Yuh Huang. Jasper R J, and Wicks T M. A Large Scale Distributed Instrusion Detection Framework Based on Attack Strategy Analysis. Computer Networks.1999. Volume.31. Issues 23-24:2465-2475.
[75]Wespi A. Dacier M. and Debar H.Instrusion Detection Using Variable-Length Audit Trail Patterns. Lecture Notes in Computer Science.2000. Vol.1907/2000: 110-129.
[76]Portnoy L.Eskin E.and Stolfo S. Intrusion Detection with Unlabeled Data Using Clustering. Proceedings of ACM CSS Workshop on Data Mining Applied to Security. Philadelphia, PA, USA.2001.
[77]Cuppens F. and Miege A. Alert Correlation in A Cooperative Intrusion Detection Framework. Proceedings of the 2002 IEEE Symposium on Security and Privacy. Washington, DC. USA. IEEE Computer Society.2002:202-215.
[78]Ning P. and Xu D. Learning Attack Strategies from Intrusion Alerts. Proceedings of the 10th ACM Conference on Computer and Communications Security. New York,ACM Press,2003:200-209.
[79]Noel S. and Jajodia S. Attack Graphs for Sensor Placement. Alert Prioritization. and Attack Response. In Cyberspace Research Workshop.2007.
[80]Noel S. and Jajodia S. Optimal IDS Sensor Placement and Alert Prioritization Using Attack Graphs. Journal of Network and Systems Management.2008. 16(3):259-275.
[81]Roschke S,Feng Cheng, and Meinel C. Using Vulnerability Information and Attack Graphs for Intrusion Detection. Proceedings of the 6th International Conference on Information Assurance and Security. Atlanta. GA, USA,2010: 68-73.
[82]Wolthusen S D. Layered Multipoint Network Defense and Security Policy Enforcement. Proceedings of the 2nd Annual IEEE SMC Information Assurance Workshop, West Point, NY, USA,2001:100-108.
[83]Naldurg P. Developing Dynamic Security Policies. Proceedings of DARPA Active Networks Conference and Exposition. San Francisco, CA, USA,2002: 204-215.
[84]Naldurg P, and Campbell R H. Dynamic Access Control:Preserving Safety and Trust for Network Defense Operations. Proceedings of the 8th ACM symposium on access control models and technologies. Como. Italy.2003: 231-237.
[85]Jiang Y C. Xia Z Y, and Zhang S Y. A Novel Defense Model for Dynamic Topology Network Based on Mobile Agent. Microprocessors and Microsystems,29(6).2005:289-297.
[86]Ingols K. Lippmann R. and Piwowarski K. Practical Attack Graph Generation for Network Defense. Proceedings of 2006 Computer Security Applications Conference. Miami Beach. FL. USA.2006:121-130.
[87]Lei.lie. and Li Zhitang. Using Network Attack Graph to Predict the Future Attacks. Proceedings of the 2rd International Conference on Communications and Networking in China, Shanghai. China,2007:403-407.
[88]冯登国,张阳,张玉清.信息安全风险评估综述.通信学报,2004,25(7):10-18.
[89]Schechter K J S. How Much Is Enough? A Risk-Management Approach to Computer Security. PhD thesis, Stanford University. June 2000.
[90]Stoneburner G. Goguen A. and Feringa A. Risk Management Guide for Information Technology Systems:Recommendations of the National Institute of Standards and Technology. National Insitute of Standards and Technology(NIST) Special Publication 800-30.U.S. Government Printing Office. October 2001.
[91]Schechter S E. Computer Security Strength & Risk:A Quantitative Approach. PhD thesis. Harvard University.2004.
[92]Clark K. Tyree S. Daw kins J. et al. Qualitative and Quantitative Analytical Techniques for Network Security Assessment. Proceedings of the 2004 IEEE Workshop on Information Assurance, West Point, New York. USA.2004: 321-328.
[93]刘芳.信息系统安全评估理论及其关键技术研究.国防科学技术大学博士学位论文,2005.
[94]宋晓莉,王劲松.陈源.信息安全风险评估方法研究.网络安全技术与应用2006,第12期:67-69.
[95]Dantu R, Loper K, and Kolan P. Risk Management Using Behavior Based Attack Graphs. Proceedings of 2004 International Conference on Information Technology:Coding and Computing,2004:445-449.
[96]Kotenko l,and Stepashkin M. Attack Graph Based Evaluation of Network Security. Lecture Notes in Computer Science,2006, Volume 4237/2006: 216-227.
[97]Wang L, Singhal A. and Jajodia S. Toward Measuring Network Security Using Attack Graphs. Proceedings of the ACM workshop on Quality of Protection. Alexandria, Virginia. USA.2007:49-54.
[98]Gupta S, and Winstead J. Using Attack Graphs to Design Systems. Security & Privacy. IEEE Press.2007.5(4):80-83.
[99]Dowd P W. Network Security:It's Time to Take It Seriously. Computer.1998. 31(9):24-28.
[100]Vigna G. Valeur V. Zhou J. et al. Composable Tools for Network Discovery and Security Analysis. Proceedings of 18th Annual Conference on Computer Security and Applications. Las Vegas. NV. USA.2002:14-24.
[101]Noel S. O'Berry B. Hutchinson C. et al. Combinatorial Analysis of Network Security. Proceedings of the 16th Annual International Symposium on Aerospace/Defence Sensing, Simulation, and Controls, Orlando,Florida. USA. 2002:140-149.
[102]Jajodia S. and Noel S. Topological Vulnerability Analysis:A Powerful New Approach for Network Attack Prevention. Detection, and Response. Indian Statistical Institute Monograph Series. World Scientific Press.2007.
[103]Ghosh N. An Approach for Security Assessment of Network Configurations Using Attack Graph. Proceedings of the 1st International Conference on Networks and Communications. Chennai, India.2009:283-288.
[104]Zhang T, Hu M. Li D, et al. Generate Attack Graph for Network Security Analysis. Journal of Information and Computational Science.2005,2(3): 605-615.
[105]Chen F. and Su J S. A Flexible Approach to Measuring Network Security Using Attack Graphs. Proceedings of the International Symposium on Electronic Commerce and Security. Guangzhou, China,2008:426-431.
[106]Cormen T H. Leiserson C E, Rivest R L, et al. Section 22.1:Representations of graphs. Introduction to Algorithms. MIT Press and McGraw-Hill.2001: 527-531.
[107]Godsil C. and Royle G. Algebraic Graph Theory. New York:Springer.2001.
[108]屈婉玲,耿索云,张立昂等编著.离散数学.高等教育出版社,2008.
[109]Feller W. An Introduction to Probability Theory and Its Applications, Vol. 1,3rd Edition. Wiley Press,1968.
[110]Chow Y S. and Teicher H. Probability Theory:Independence, Interchangeability. Martingales, Third Edition. Springer Press,1997.
[111]Golub G. and Van Loan C. Matrix Computations (Third Edition). Johns Hopkins University Press.1996.
[112]Varga R S. Matrix Iterative Analysis (Springer Series in Computational Mathematics).2nd Edition. Springer Press.2000.