A visual analysis framework of attack paths based on network traffic

Xiaolong Li, Tengteng Zhao, Wei Zhang, Zhiqiang Gan, Fu-Sheng Liu
Published in: 2021 IEEE International Conference on Power Electronics, Computer Applications (ICPECA), 2021-01-22
DOI: https://doi.org/10.1109/ICPECA51329.2021.9362725
Citations: 0

Abstract

With the rapid development of the Internet, cyberspace security has become a potentially huge problem. At the same time, the disclosure of cyberspace vulnerabilities is getting faster and faster. Traditional protection methods based on known features cannot effectively defend against new network attacks. A network attack is no longer a single vulnerability exploit, but an APT attack based on multiple complicated methods. Cyberspace attacks have become “rationalized” on the surface. Currently, there is a lot of research on the visualization of attack paths, but there is no overall plan to reproduce the attack path. Most research focuses on the detection and characterization of individual cyberspace attacks based on a single behavior, and so loses its ability to help security personnel understand the complete attack behavior of attackers. The key point of this paper is to collect the attackers’ aggressive behavior by a reverse retrospective method based on an actual shooting range environment. By finding attack nodes and dividing offensive behavior into time series, we can characterize the attacker’s behavior path vividly and comprehensively.