Abstract: The huge structures and complex behavior of threat models in complex networks demand too much computing effort for threat analysis. This paper presents an algebraic framework for threat modeling that uses algebraic theory to describe the object and its threats, all of which are implemented in a C program. An algebraic function measures the similarities among different threats, and the analysis is then expanded using matrices or nonlinear constraint theory. Finally, an equivalence relation from concurrency theory is used to establish a threat polymerization rule for similar threats, which optimizes the threat model and reduces the complexity of threat analysis.