An Attack Path Generation Methods Based on Graph Database

Bintao Yuan, Zulie Pan, Fan Shi, Zhenhan Li
{"title":"An Attack Path Generation Methods Based on Graph Database","authors":"Bintao Yuan, Zulie Pan, Fan Shi, Zhenhan Li","doi":"10.1109/ITNEC48623.2020.9085039","DOIUrl":null,"url":null,"abstract":"With the popularity of network technology and the expansion of network scale, the network security risks are increasingly serious. Network vulnerability assessment methods, a technology of active network security defense, have attracted many researchers. Most existing network vulnerability assessment methods store different types of data in different ways, which makes querying and analyzing inefficient, especially in the complex large-scale network environment. In order to solve this problem, this paper proposes a method of network vulnerability assessment based on graph database. The network host information, association relationship between hosts and vulnerability information of the target network are stored in the graph database, the query and analysis are carried out by using the graph database query language. Graph database stores the information of the network hosts, association relationship among hosts and vulnerabilities of the target network. The graph database query language supports querying and analysis. Visualizing the network topology, vulnerability information and all possible attack paths provides a reference to develop the network security protection strategy. Experiments' results illustrate that the method runs efficiently and helps with querying and analysis, which is applicable to large-scale complex network environment.","PeriodicalId":235524,"journal":{"name":"2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)","volume":"222 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITNEC48623.2020.9085039","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 12

Abstract

With the popularity of network technology and the expansion of network scale, the network security risks are increasingly serious. Network vulnerability assessment methods, a technology of active network security defense, have attracted many researchers. Most existing network vulnerability assessment methods store different types of data in different ways, which makes querying and analyzing inefficient, especially in the complex large-scale network environment. In order to solve this problem, this paper proposes a method of network vulnerability assessment based on graph database. The network host information, association relationship between hosts and vulnerability information of the target network are stored in the graph database, the query and analysis are carried out by using the graph database query language. Graph database stores the information of the network hosts, association relationship among hosts and vulnerabilities of the target network. The graph database query language supports querying and analysis. Visualizing the network topology, vulnerability information and all possible attack paths provides a reference to develop the network security protection strategy. Experiments' results illustrate that the method runs efficiently and helps with querying and analysis, which is applicable to large-scale complex network environment.
一种基于图数据库的攻击路径生成方法
随着网络技术的普及和网络规模的扩大,网络安全风险日益严重。网络脆弱性评估方法作为一种主动的网络安全防御技术,受到了众多研究者的关注。现有的网络漏洞评估方法大多以不同的方式存储不同类型的数据,使得查询和分析效率低下,特别是在复杂的大规模网络环境中。为了解决这一问题,本文提出了一种基于图数据库的网络脆弱性评估方法。将目标网络的网络主机信息、主机间关联关系和漏洞信息存储在图数据库中,使用图数据库查询语言进行查询和分析。图形数据库存储了网络主机信息、主机间的关联关系以及目标网络的漏洞信息。图数据库查询语言支持查询和分析。可视化网络拓扑、漏洞信息和所有可能的攻击路径,为制定网络安全防护策略提供参考。实验结果表明,该方法运行效率高,有利于查询和分析,适用于大规模复杂网络环境。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信