公开(公告)号：US07904962B1

公开(公告)日：2011-03-08

申请号：US11371937

申请日：2006-03-10

申请人： Sushil Jajodia ,  Steven E. Noel ,  Pramod Kalapa ,  Brian C. O'Berry ,  Michael A. Jacobs ,  Eric B. Robertson ,  Robert G. Weierbach

发明人： Sushil Jajodia ,  Steven E. Noel ,  Pramod Kalapa ,  Brian C. O'Berry ,  Michael A. Jacobs ,  Eric B. Robertson ,  Robert G. Weierbach

IPC分类号： G06F12/14 ,  G06F12/16

CPC分类号： H04L41/12 ,  H04L63/1425

摘要： Disclosed is a system for modeling, analyzing, and responding to network attacks. Machines are mapped to components, components are mapped to vulnerabilities, and vulnerabilities are mapped to exploits. Each of the exploits includes at least one precondition mapped to at least one postcondition. An attack graph which defines inter-exploit distances is generated using at least one of the exploits. The attack graph is aggregated. At least one hardening option is determined using the aggregated attack graph. Hardening options include applying at least one corrective measure to at least one initial condition, where the initial condition is the initial state of a precondition.

摘要翻译： 公开了一种用于建模，分析和响应网络攻击的系统。 机器映射到组件，组件映射到漏洞，漏洞映射到漏洞。 每个漏洞包括映射到至少一个后置条件的至少一个前提条件。 使用至少一个漏洞利用生成定义间谍间距的攻击图。 攻击图被聚合。 使用聚合攻击图确定至少一个硬化选项。 加固选项包括将至少一个校正措施应用于至少一个初始条件，其中初始条件是前提条件的初始状态。