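Abstract: A taxonomy of computer and network attacks based on intrusion response is proposed, in order to establish a one-to-one correspondence between responses and attacks during automatic intrusion response. Building on an analysis of existing research on attack taxonomies and of the specific requirements of intrusion response, the taxonomy divides attacks along three main dimensions and subdivides each of them from the perspective of response. The first dimension classifies the attack source, the second covers the various attack methods used by attackers, and the third concerns the harm caused by the attack. Using this taxonomy, the correspondence between attacks and responses was successfully established in an AIR system. Its practicality and feasibility were verified by applying it to typical attacks.
Keywords: attack taxonomy; automatic intrusion response; network attack; host attack; attack techniques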
DOI:10.19850/j.cnki.2096-4706.2021.11.043
CLC number: TN915.08; TP301  Document code: A  Article ID: 2096-4706(2021)11-0162-04
Classification of Computer and Network Attacks Based on Intrusion Response
TANG Guanchu
(Artificial Intelligence Department of Jiangxi University of Technology, Nanchang 330098, China)
Abstract: On the basis of intrusion response, a classification of computer and network attacks is proposed to establish a one-to-one relationship between response and attack in the process of automatic intrusion response. Based on an analysis of the existing research results on attack classification and the specific needs of intrusion response, the classification divides attacks into three main dimensions and subdivides them from the perspective of response. The first dimension focuses on the division of attack sources, the second dimension covers all kinds of attack methods adopted by attackers, and the third dimension focuses on the harm of attacks. By using this classification, the corresponding relationship between attack and response is successfully established in an AIR system. Through application to typical attacks, its practicability and feasibility are verified.
Keywords: attack classification; automatic intrusion response; network attack; host attack; attack technology
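About the author: TANG Guanchu (b. 1998), male, Han ethnicity, from Pingxiang, Jiangxi; bachelor's degree; research interest: classification of computer and network attacks.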