• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

J4 ›› 2013, Vol. 35 ›› Issue (7): 53-59.

• 论文 • 上一篇    下一篇

一种面向组合攻击效能评估的Enhanced LAMBDA描述语言

彭子枚1,赵文涛2,邹荣念1   

  1. (1.91669部队,海南  海口 571100;2.国防科学技术大学计算机学院,湖南 长沙 410073)
  • 收稿日期:2011-07-29 修回日期:2011-09-28 出版日期:2013-07-25 发布日期:2013-07-25
  • 基金资助:

    国家自然科学基金资助项目(61271252,61105050)

An enhanced LAMBDA description language
oriented to combined attack effectiveness evaluation               

PENG Zimei1,ZHAO Wentao2,ZOU Rongnian1   

  1. (1.Troop 91669,Haikou 571100;
    2.School of Computer Science,National University of Defense Technology,Changsha 410073,China)
  • Received:2011-07-29 Revised:2011-09-28 Online:2013-07-25 Published:2013-07-25

摘要:

利用描述语言进行攻击建模能够更有效地刻画攻击细节。通过对网络攻击效能进行评估,可以对网络攻击的效果给出定性和定量的评价,检验攻击行为的有效性,有助于制定有效的网络安全策略。基于LAMBDA语言,扩充了时间约束和效能约束方面的描述能力,提出了一种增强的攻击描述语言Enhanced LAMBDA,并给出了Enhanced LAMBDA的应用实例。最后,利用DARPA数据集LLDOS1.0构造了网络组合攻击的测试场景,基于Enhanced LAMBDA对其进行效能评估。实验结果表明,Enhanced LAMBDA能有效支持网络组合攻击的效能评估。

关键词: 攻击建模, LAMBDA, 描述语言, 效能评估

Abstract:

Modeling attack actions with description language can depict the details of the attack more effectively. By evaluating the effectiveness of network attacks, the qualitative and quantitative evaluation of the effect of network attacks is concluded, and it can test the effectiveness of attack actions and help to establish effective security policy of network. Based on the LAMBDA description language, this paper expands its expressiveness on time constraints and effectiveness constraints, proposes an enhanced attack description language, the enhanced LAMBDA, and then gives an application example of the enhanced LAMBDA. In the end, this paper uses DARPA data set, the LLDOS1.0, to construct a test scenario of combined attack of network and evaluates its effectiveness based on the enhanced LAMBDA. The experimental results indicate that Enhanced LAMBDA can effectively support the evaluation of effectiveness of combined attacks.

Key words: attack modeling;LAMBDA;description language;effectiveness evaluation