Active Cyber Attack Model for Network system's Vulnerability Assessment

摘要

In this paper, we architected active cyber attack model for assessing network system's vulnerability. As simulating cyber attack model in network system, we can identify the weakest point and inspect security policy. It also improved the capability of information collection and attack action, as using autonomous agents. Attack action agents which introduced attack a set of sequence number can reduce transmission overhead and hide attack scenario's information. We built attack scenario for attack process and technique of attack action agents. It is composed of attack pattern and tree. Action controller uses node's attack success percent(ASP) to choose the second best attack scenario after the first attack was failed. ASP is calculated with the ratio of all achieved events until the sub-node over all nodes of the attack tree.