Research on network intrusion response method based on Bayesian attack graph

Abstract

With the rapid development of computer networks, people's use of the Internet has become more and more common, and network security issues are becoming increasingly serious. Compared with intrusion detection, the development of intrusion response is slightly lagging behind. There are many devices for intrusion detection, alarm information is difficult to analyze and there are false alarms and isolated alarms, and many detection strategies require manual operation, which greatly increases the time cost and labor cost of intrusion response. In this paper, we propose an intrusion response method based on Bayesian attack graph, which effectively uses the alarm information and adopts the attack behavior prediction algorithm of Bayesian attack graph to block the attack path of network attacks for the uncertainty of attack events and enhance system security.