应用Q学习决策的最优攻击路径生成方法

doi:10.19665/j.issn1001-2400.2021.01.018

Abstract

Abstract:

The main research purpose of this paper is to generate a dynamic approach to finding the optimal attack path based on the Q-learning algorithm in machine learning,and to improve the efficiency and adaptability of this approach.The method,based on the Q-learning algorithm and by the reference network connectivity and partition,uses the delete inaccessible path in the network topology reduction method,and simulated by machine learning hacker attacks,combines state and action,in keep learning to improve their ability of adaptation and decision-making,so as to generate the optimal attack path efficiently.Finally,through experiments,the established simulated attacker can obtain the state-value table in the Q-learning method in the environment with the IDS alarm device,and can obtain the optimal attack path sequence from the source host to the destination host by traversing the Q table,which verifies the validity and accuracy of the model and algorithm.At the same time,by analyzing the host reachability in advance,the redundant nodes are greatly reduced,a great advantage in large network topology.

Key words: attack graph, network security, reinforcement learning, optimization algorithm, Q-learning

CLC Number:

TP309

LI Teng,CAO Shijie,YIN Siwei,WEI Dawei,MA Xindi,MA Jianfeng. Optimal method for the generation of the attack path based on the Q-learning decision[J].Journal of Xidian University, 2021, 48(1): 160-167.

Figures/Tables 11

References 15

[1]	PHILLIPS C, SWILER L P. A Graph-based Network-vulnerability Analysis System [C]//Proceedings of the New Security Paradigms Workshop.New York:ACM, 1998: 71-79.
[2]	杨英杰, 冷强, 常德显, 等. 基于属性攻击图的网络动态威胁分析技术研究[J]. 电子与信息学报, 2019,41(8):1838-1846.
	YANG Yingjie, LENG Qiang, CHANG Dexian, et al. Research on Network Dynamic Threat Analysis Technology Based on Attribute Attack Graph[J]. Journal of Electronics & Information Technology, 2019,41(8):1838-1846.
[3]	张涛, 吴冲, 刘晖. 基于安全状态空间的攻击图生成方法[C]//全国网络与信息安全技术研讨会论文集(上册)北京:中国通信学会, 2007: 153-160.
[4]	张书钦, 李凯江, 张露, 等. 基于Q-learning机制的攻击图生成技术研究[J]. 电子科技, 2018,31(10):6-10.
	ZHANG Shuqin, LI Kaijiang, ZHANG Lu, et al. Research on Attack Graph Generation Based on Q-learning Mechanism[J]. Electronic Science and Technology, 2018,31(10):6-10.
[5]	胡昌振, 陈韵, 吕坤.一种基于Q学习的最佳攻击路径规划方法:CN107317756A[P]. 2017 -11-03.
[6]	叶子维, 郭渊博, 王宸东, 等. 攻击图技术应用研究综述[J]. 通信学报, 2017,38(11):121-132.
	YE Ziwei, GUO Yuanbo, WANG Chendong, et al. Survey on Application of Attack Graph Technology[J]. Journal on Communications, 2017,38(11):121-132.
[7]	孙一品, 钟求喜, 苏金树. 基于隐马尔可夫模型的攻击意图识别技术研究[J]. 计算机工程与科学, 2007,29(8):19-22.
	SUN Yipin, ZHONG Qiuxi, SU Jinshu. Research on Intention Recognition Based on HMM[J]. Computer Engineering & Science, 2007,29(8):19-22.
[8]	李庆朋, 王布宏, 王晓东, 等. 基于最优攻击路径的网络安全增强策略研究[J]. 计算机科学, 2013. 40(4):152-154.
	LI Qingpeng, WANG Buhong, WANG Xiaodong, et al. Approach on Network Security Enhancement Strategies Based on Optimal Attack Path[J]. Computer Science, 2013. 40(4):152-154.
[9]	DEWRI R, RAY I, POOLSAPPASIT N, et al. Optimal Security Hardening on Attack Tree Models of Networks:a Costbenefit Analysis[J]. International Journal of Information Security, 2012,11(3):167-188.
[10]	王辉, 茹鑫鑫, 戴田旺, 等. 基于NAPG模型的攻击增益路径预测算法[J]. 吉林大学学报(理学版), 2019,57(5):1169-1178.
	WANG Hui, RU Xinxin, DAI Tianwang, et al. Attack Profit Path Prediction Algorithm Based on NAPG Model[J]. Journal of Jilin University(Science Edition), 2019,57(5):1169-1178.
[11]	王辉, 娄亚龙, 戴田旺, 等. 基于BNAG模型的脆弱性评估算法[J]. 计算机工程, 2019,45(9):128-135,142.
	WANG Hui, LOU Yalong, DAI Tianwang, et al. Vulnerability Evaluation Algorithm Based on BNAG Model[J]. Computer Engineering, 2019,45(9):128-135,142.
[12]	高妮, 高岭, 贺毅岳, 等. 基于贝叶斯攻击图的动态安全风险评估模型[J]. 四川大学学报(工程科学版), 2016,48(1):111-118.
	GAO Ni, GAO Ling, HE Yiyue, et al. Dynamic Security Risk Assessment Model Based on Bayesian Attack Graph[J]. Journal of Sichuan University(Engineer Science Edition), 2016,48(1):111-118.
[13]	闫峰, 刘淑芬, 冷煌. 基于转换的攻击图分析方法研究[J]. 电子学报, 2014,42(12):2477-2480.
	YAN Feng, LIU Shufen, LENG Huang. Study on Analysis of Attack Graphs Based on Conversion[J]. Acta Electronica Sinica, 2014,42(12):2477-2480.
[14]	胡浩, 叶润国, 张红旗, 等. 基于攻击预测的网络安全态势量化方法[J]. 通信学报, 2017,38(10):122-134.
	HU Hao, YE Runguo, ZHANG Hongqi, et al. Quantitative Method for Network Security Situation Based on Attack Prediction[J]. Journal on Communications, 2017,38(10):122-134.
[15]	LIU X G.A Network Attack Path Prediction Method Using Attack Graph[J/OL].[2020-07-26].https://doi.org/10.1007/s12652-020-02206-5.

Optimal method for the generation of the attack path based on the Q-learning decision

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 11

References 15

Related Articles 15

Metrics

Comments

Recommended 10

[1]	ZHANG Dehua,HAO Xinyuan,ZHANG Nina,WEI Qian,LIU Ying. PSO-DE algorithm based on the optimal selection strategy [J]. Journal of Xidian University, 2022, 49(2): 218-227.
[2]	LV Wenkai,YANG Pengfei,DING Yunqing,ZHANG Heyu,ZHENG Tianyang. JEDERL:A task scheduling optimization algorithm for heterogeneous computing platforms [J]. Journal of Xidian University, 2021, 48(6): 67-74.
[3]	LI Ming,HU Jiangping,CAO Xiaoli. Minimum cost of node deployment strategy for heterogeneous sensor networks [J]. Journal of Xidian University, 2021, 48(4): 11-19.
[4]	MA Yue,ZHANG Yumei. Method for distributed deployment of the virtual network function manager for MEC [J]. Journal of Xidian University, 2021, 48(4): 20-26.
[5]	YANG Zhongping,ZHOU Qingsong,ZHANG Jianyun. Optimization algorithm for ultra-sparse arrays in regional energy focusing [J]. Journal of Xidian University, 2021, 48(4): 57-63.
[6]	LIU Huayuan,SU Yunfei,LI Ruilin,TANG Chaojing. Structure-statebased graybox Fuzzing technique [J]. Journal of Xidian University, 2021, 48(1): 117-123.
[7]	YANG Hongyu,ZENG Renyun. Method for assessment of network security situation with deep learning [J]. Journal of Xidian University, 2021, 48(1): 183-190.
[8]	YANG Hongyu,ZHANG Xugao. Network security situation adaptive prediction model [J]. Journal of Xidian University, 2020, 47(3): 14-22.
[9]	ZHANG Zheming,REN Shuxia,GUO Kaijie. Model of abstractive text summarization for topic-aware communicating agents [J]. Journal of Xidian University, 2020, 47(3): 97-104.
[10]	ZHANG Ying,WEI Minfeng,WANG Shihui,TAO Leiyan,CAO Jian,ZHANG Xing. Aircraft reinforcement learning multi-mode control in orbit [J]. Journal of Xidian University, 2020, 47(2): 75-82.
[11]	WANG Yan. Enhanced multi-objective evolutionary algorithm for workflow scheduling on the cloud platform [J]. Journal of Xidian University, 2019, 46(1): 130-136.
[12]	ZHOU Yi,CHEN Bo. Method for robot obstacle avoidance based on the improved dueling network [J]. Journal of Xidian University, 2019, 46(1): 46-50.
[13]	YANG Baowang. Low-rate-denial-of-service attack detection by symbolic dynamics method [J]. Journal of Xidian University, 2018, 45(1): 140-144.
[14]	LIN Feng;CHEN Jianjun;CAO Hongjun. Probabilistic and interval reliability design of the composite pressure vessel [J]. Journal of Xidian University, 2017, 44(1): 45-51.
[15]	LIANG Hongquan;WU Wei. Secure link status routing protocol based on node trustworthiness [J]. Journal of Xidian University, 2016, 43(5): 121-127.