北京航空航天大学学报 ›› 2007, Vol. 33 ›› Issue (12): 1486-1490.

• 论文 • 上一篇    

一种面向攻击树建模的描述语言

唐淑君,李肖坚,屠守中,韦刚   

  1. 北京航空航天大学 计算机学院, 北京 100083
  • 收稿日期:2006-12-21 出版日期:2007-12-31 发布日期:2010-09-17
  • 作者简介:唐淑君(1981-),女,广西桂林人,硕士生,Tangducky@hotmail.com.
  • 基金资助:

    航空科学基金资助项目(03F51060);北京教育委员会共建项目建设计划基金资助项目(SYS100060412);国防基础科研资助项目(2007A01Z407)

Description language oriented to attack tree model

Tang Shujun, Li Xiaojian, Tu Shouzhong, Wei Gang   

  1. School of Computer Science and Technology, Beijing University of Aeronautics and Astronautics, Beijing 100083, China
  • Received:2006-12-21 Online:2007-12-31 Published:2010-09-17

摘要: 目前网络安全仿真研究中存在缺乏攻击建模方法以及统一描述的问题,因此在采用攻击树建立攻击模型,描述攻击企图、特征和步骤执行过程的基础上,提出一种攻击描述语言CNADL(Computer Network Attack Description Language).攻击树用于对攻击进行建模,并转化为自动机模型.CNADL采用上下文无关文法,用统一的形式描述攻击的目的、方法和步骤,由解释器生成相应操作的命令交付攻击演练系统执行.利用基于GTNetS仿真平台的攻击演练系统对CNADL进行实验验证.结果表明,该语言能有效地刻画攻击特征,结合仿真平台,实现了拒绝服务、蠕虫、口令窃取和IP欺骗4种攻击仿真.

Abstract: A main problem of recent researches on network security simulation is the lack of methods to model attack and uniform description. Hence computer network attack description language(CNADL) was presented, with attack tree adopted to model attacks and describe purpose, characteristic and process of attack. Attack tree was used to model attacks and then transformed to automata model. CNADL, which was attack tree model oriented and designed in context-free grammar, described the goal, means and process of different attacks in uniform format. The interpreter translated CNADL into corresponding orders and sent them to attack drilling system. Based on GTNetS simulator, the attack drilling system tested the validity of CNADL. The experimental results show that CNADL is able to describe attack characteristics efficiently, and simulate denial of service(DoS), worm password attack and IP spoof based on GTNetS.

中图分类号: 


版权所有 © 《北京航空航天大学学报》编辑部
通讯地址:北京市海淀区学院路37号 北京航空航天大学学报编辑部 邮编:100191 E-mail:jbuaa@buaa.edu.cn
本系统由北京玛格泰克科技发展有限公司设计开发