CN114363095A - System vulnerability analysis method, system and medium based on petri net - Google Patents
- Publication number
- CN114363095A CN202210270176.3A
- Authority
- CN
- China
- Prior art keywords
- probability
- node
- attack
- series
- parallel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/10—Complex mathematical operations
- G06F17/16—Matrix or vector computation, e.g. matrix-matrix or matrix-vector multiplication, matrix factorization
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/10—Complex mathematical operations
- G06F17/18—Complex mathematical operations for evaluating statistical data, e.g. average values, frequency distributions, probability functions, regression analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/142—Network analysis or design using statistical or mathematical methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The invention relates to a petri net-based system vulnerability analysis method, a petri net-based system and a computer-readable storage medium. The method comprises the steps of simulating an infection process from an initial node to a target node based on an attack sequence of series connection, parallel connection and series-parallel connection mixing to construct a Petri net infection model; calculating the probability that the target node is successfully attacked in different states based on the Petri network infection model and different infection probabilities and repair probabilities; and adjusting the network structure based on the probability that the target node is successfully attacked in the different states. The invention utilizes the petri net to model the dynamic flow of the attack behavior of the network node, and can dynamically depict the state of each node of the network; the security analysis is carried out aiming at the connection condition of network nodes of different systems, and the influence on the vulnerability of the system is obtained according to different attack probabilities and repair probabilities; the network architecture can thus be tailored to enhance protection and improve system security.
Description
Technical Field
The invention relates to the field of network security, in particular to a petri net-based system vulnerability analysis method, a petri net-based system vulnerability analysis system and a computer-readable storage medium.
Background
Security evaluation is an important basis of system network security. Modeling the attack process with a Petri net describes network attack behaviors well, and the Petri net is constructed according to three network node connection modes. The probability that the final node is successfully attacked is solved from the attacked probability and the gray level probability of each node, and the probability that the final target node is successfully attacked is used to describe the vulnerability of the network. However, in the prior art, most modeling methods related to network security are event-based and lack data-flow analysis of system states. Traditional detection methods are also static and passive, so potential threats cannot be found in time and the network structure cannot be adjusted and strengthened in time.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide, in view of the above defects in the prior art, a Petri net-based system vulnerability analysis method, system and computer-readable storage medium that calculate the probability of a successful attack on the target node by simulating the attack and recovery process, so that potential threats can be found in time and the network structure can be adjusted and the protection capability enhanced according to the protection requirement.
The technical solution adopted by the invention to solve this technical problem is to construct a Petri net-based system vulnerability analysis method comprising the following steps:
S1, simulating the infection process from the initial node to the target node based on series, parallel and series-parallel hybrid attack sequences to construct a Petri net infection model;
S2, calculating the probability that the target node is successfully attacked in different states based on the Petri net infection model and different infection probabilities and repair probabilities;
S3, adjusting the network structure based on the probability that the target node is successfully attacked in the different states.
In the petri net-based system vulnerability analysis method of the present invention, the step S1 includes the following steps:
S11, simulating the infection process from the initial node to the target node based on the series sequence to construct a Petri net series infection model;
S12, simulating the infection process from the initial node to the target node based on the parallel sequence to construct a Petri net parallel infection model;
S13, simulating the infection process from the initial node to the target node based on the series-parallel hybrid sequence to construct a Petri net series-parallel hybrid infection model.
In the petri net-based system vulnerability analysis method of the present invention, the step S2 includes the following steps:
S21, obtaining a series state transition diagram, a parallel state transition diagram and a series-parallel hybrid state transition diagram based on the Petri net series infection model, the Petri net parallel infection model and the Petri net series-parallel hybrid infection model, respectively;
S22, calculating the probability that the target node is successfully attacked in different states based on the series state transition diagram, the parallel state transition diagram, the series-parallel hybrid state transition diagram, the multiple evaluation attack probabilities and the multiple evaluation recovery probabilities.
In the petri net-based system vulnerability analysis method of the present invention, the step S22 includes the following steps:
S221, calculating the attack probability and the recovery probability of each node based on the evaluation attack probability and the evaluation recovery probability given to each node by m experts, wherein m is a positive integer;
S222, respectively calculating the probability that the target node is successfully attacked in the series state, in the parallel state and in the series-parallel hybrid state, based on the series state transition diagram, the parallel state transition diagram, the series-parallel hybrid state transition diagram and the attack probability and recovery probability of each node;
S223, under the assumption that every node has the same attack probability and the same recovery probability and that the number of nodes is the same, judging that the probability that the target node is successfully attacked is lowest in the series state.
In the method for analyzing vulnerability of a petri net-based system, the step S221 further includes the following steps:
S2211, constructing a probability matrix based on the evaluation attack probability and the evaluation recovery probability given by m experts to each node:
where $Z_1 \dots Z_m$ denote the m experts; $\lambda_1 \dots \lambda_k$ denote the attack probabilities of k nodes; $u_1 \dots u_k$ denote the recovery probabilities of l nodes; $Z\lambda_{11} \dots Z\lambda_{1k}$ are expert 1's evaluations of the attack probabilities $\lambda_1 \dots \lambda_k$; $Zu_{11} \dots Zu_{l1}$ are expert 1's evaluations of $u_1 \dots u_l$; …; $Z\lambda_{m1} \dots Z\lambda_{mk}$ are expert m's evaluations of the attack probabilities $\lambda_1 \dots \lambda_k$; and $Zu_{m1} \dots Zu_{lm}$ are expert m's evaluations of $u_1 \dots u_l$. The evaluation attack probability and the evaluation recovery probability take values in [0-1];
In the method for analyzing vulnerability of petri net-based system, the step S222 further includes the following steps:
s2221, based on the series state transition diagram and the attack probability and the recovery probability of each node, calculating the probability that the target node is successfully attacked in the series stateWhere n represents the number of nodes in series,the probability of attack of each node is represented,representing a recovery probability for each node;
s2222, based on the parallel state transition graph and the attack probability and the recovery probability of each node, calculating the probability that the target node is successfully attacked in the parallel stateWhere n denotes the number of branches in parallel, each branch havingEach node having an attack probability of each intermediate nodeThe recovery probability is;
S2223, based on the series-parallel mixed state transition diagram and the attack probability and the recovery probability of each node, calculating the probability that the target node is successfully attacked in the series-parallel mixed state(ii) a WhereinlRepresenting the number of nodes in series, each node in series having an attack probability ofThe recovery probability is(ii) a n represents the number of branches in parallel, each branch havingEach node having an attack probability of each intermediate nodeThe recovery probability is。
In the method for analyzing vulnerability of petri net-based system, step S223 further includes:
S2231, assuming that every node has the same attack probability λ and the same recovery probability u, and that the number of nodes is the same, respectively calculating the probability that the target node is successfully attacked in the series state, in the parallel state and in the series-parallel hybrid state as follows:
S2232, judging that, when the number of nodes is the same, the probability that the target node is successfully attacked is lowest in the series state.
In the method for analyzing vulnerability of a petri net-based system, in step S3, when the number of nodes is the same, the network structure is adjusted based on the lowest probability that the target node is successfully attacked in the series state.
Another technical solution adopted by the present invention to solve the technical problem is to construct a petri net based system vulnerability analysis system, which includes a plurality of network nodes that communicate with each other to form a communication network, wherein the plurality of network nodes include a processor and a memory, and a computer-readable storage medium is stored in the memory, and when the computer-readable storage medium is executed by the processor, the petri net based system vulnerability analysis method is implemented.
In order to solve the technical problem, a computer-readable storage medium is constructed, and when the computer-readable storage medium is executed by a processor, the petri net-based system vulnerability analysis method is implemented.
By implementing the petri net-based system vulnerability analysis method, the petri net-based system vulnerability analysis system and the computer-readable storage medium, the dynamic process of the attack behavior of the network nodes is modeled by using the petri net, and the states of various nodes of the network can be dynamically described; the security analysis is carried out aiming at the connection condition of network nodes of different systems, and the influence on the vulnerability of the system is obtained according to different attack probabilities and repair probabilities. Therefore, the network structure can be adjusted in a targeted manner, the protection capability is enhanced, and finally the system safety is improved.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a flow diagram of a preferred embodiment of the petri net based system vulnerability analysis method of the present invention;
FIGS. 2A-2C are schematic diagrams illustrating simulation of connection of an initial node A to a target node E based on a series order, a parallel order, and a mixed series-parallel order, respectively;
FIGS. 3A-3C show schematic diagrams of a Petri net series infection model, a Petri net parallel infection model, and a Petri net series parallel hybrid infection model, respectively;
FIGS. 4A-4C show a series state transition diagram, a parallel state transition diagram, and a series-parallel hybrid state transition diagram, respectively.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The invention relates to a petri net-based system vulnerability analysis method, which comprises the following steps: s1, simulating the infection process from the initial node to the target node based on the attack sequence of series connection, parallel connection and series-parallel connection mixture to construct a Petri net infection model; s2, calculating the probability that the target node is successfully attacked in different states based on the Petri net infection model and different infection probabilities and repair probabilities; and S3, adjusting the network structure based on the probability of successful attack of the target node under different states. The invention utilizes the petri net to model the dynamic flow of the attack behavior of the network node, and can dynamically depict the state of each node of the network; the security analysis is carried out aiming at the connection condition of network nodes of different systems, and the influence on the vulnerability of the system is obtained according to the different attack probabilities and the different repair probabilities, so that the network structure can be adjusted in a targeted manner, the protection capability is enhanced, and the system security is finally improved.
FIG. 1 is a flow diagram of a preferred embodiment of the petri net based system vulnerability analysis method of the present invention. As shown in fig. 1, in step S1, the infection process from the initial node to the target node is simulated based on the attack sequence of series connection, parallel connection and series-parallel connection mixture to construct a Petri net infection model.
Preferably, the step S1 further includes simulating the infection process from the initial node to the target node based on the series sequence to construct a Petri net series infection model; simulating the infection process from the initial node to the target node based on the parallel sequence to construct a Petri net parallel infection model; and simulating the infection process from the initial node to the target node based on the series-parallel hybrid sequence to construct a Petri net series-parallel hybrid infection model.
FIGS. 2A-2C show schematic diagrams simulating the connection of an initial node A to a target node E based on a series order, a parallel order, and a series-parallel hybrid order, respectively. FIGS. 3A-3C show schematic diagrams of a Petri net series infection model, a Petri net parallel infection model, and a Petri net series-parallel hybrid infection model, respectively. The symbolic meanings in the Petri net series infection model shown in FIG. 3A are shown in the following Table 1:
TABLE 1
The symbolic meanings in the Petri net parallel infection model shown in fig. 3B are shown in table 2 below:
TABLE 2
The symbolic meanings in the Petri net series-parallel mixed infection model shown in FIG. 3C are shown in the following table 3:
TABLE 3
In step S2, based on the Petri net infection model and the different infection probabilities and repair probabilities, the probability that the target node is successfully attacked in different states is calculated.
In a preferred embodiment of the present invention, the step S2 includes the steps of: s21, obtaining a series state transition diagram, a parallel state transition diagram and a series-parallel mixed state transition diagram respectively based on the Petri net series infection model, the Petri net parallel infection model and the Petri net series-parallel mixed infection model; and S22, calculating the probability that the target node is successfully attacked in different states based on the series state transition diagram, the parallel state transition diagram, the series-parallel mixed state transition diagram, the multiple evaluation attack probabilities and the multiple evaluation recovery probabilities.
Fig. 4A-4C show a series state transition diagram, a parallel state transition diagram, and a series-parallel hybrid state transition diagram, respectively. The symbols in FIGS. 4A-4C have the following meanings:
The step S22 preferably includes the steps of: S221, calculating the attack probability and the recovery probability of each node based on the evaluation attack probability and the evaluation recovery probability given to each node by m experts, wherein m is a positive integer; S222, respectively calculating the probability that the target node is successfully attacked in the series state, in the parallel state and in the series-parallel hybrid state, based on the series state transition diagram, the parallel state transition diagram, the series-parallel hybrid state transition diagram and the attack probability and recovery probability of each node; and S223, under the assumption that every node has the same attack probability and the same recovery probability and that the number of nodes is the same, judging that the probability that the target node is successfully attacked is lowest in the series state.
Further, the attack probability and recovery probability calculation step (i.e., step S221) for each node includes the following steps S2211 to S2212.
In step S2211, a probability matrix is constructed based on the estimated attack probability and the estimated recovery probability given to each node by the m experts:
where $Z_1 \dots Z_m$ denote the m experts; $\lambda_1 \dots \lambda_k$ denote the attack probabilities of k nodes; $u_1 \dots u_k$ denote the recovery probabilities of l nodes; $Z\lambda_{11} \dots Z\lambda_{1k}$ are expert 1's evaluations of the attack probabilities $\lambda_1 \dots \lambda_k$; $Zu_{11} \dots Zu_{l1}$ are expert 1's evaluations of $u_1 \dots u_l$; …; $Z\lambda_{m1} \dots Z\lambda_{mk}$ are expert m's evaluations of the attack probabilities $\lambda_1 \dots \lambda_k$; and $Zu_{m1} \dots Zu_{lm}$ are expert m's evaluations of $u_1 \dots u_l$. The evaluation attack probability and the evaluation recovery probability take values in [0-1].
Further, the attack probability and recovery probability calculation step (i.e., step S222) of the target node in each state includes the following steps S2221 to S2223.
In step S2221, the probability that the target node is successfully attacked in the series state is calculated based on the series state transition diagram and the attack probability and the recovery probability of each nodeWhere n represents the number of nodes in series,the probability of attack of each node is represented,representing the probability of recovery for each node.
Taking nodes A-E as an example, the specific calculation process is as follows.
The probabilities $P_1(A) \dots P_1(E)$ of each node being attacked in series are calculated as follows:
therefore, the probability of successful attack of the target node in the serial state can be calculatedWhere n represents the number of nodes in series,the probability of attack of each node is represented,representing the probability of recovery for each node.
In step S2222, the probability that the target node is successfully attacked in the parallel state is calculated based on the parallel state transition diagram and the attack probability and the recovery probability of each nodeWhere n denotes the number of branches in parallel, each branch havingEach node having an attack probability of each intermediate nodeThe recovery probability is。
Taking nodes A-E as an example, the specific calculation process is as follows.
The probabilities $P_1(A) \dots P_1(E)$ of each node being attacked in parallel are calculated as follows:
therefore, the attack probability and the recovery probability of each node can be conjectured to calculate the probability that the target node is successfully attacked in the parallel stateWhere n denotes the number of branches in parallel, each branch havingEach node having an attack probability of each intermediate nodeThe recovery probability is。
In step S2223, the probability that the target node is successfully attacked in the series-parallel hybrid state is calculated based on the series-parallel hybrid state transition diagram and the attack probability and the recovery probability of each node(ii) a WhereinlRepresenting the number of nodes in series, each node in series having an attack probability ofThe recovery probability is(ii) a n represents the number of branches in parallel, each branch havingEach node having an attack probability of each intermediate nodeThe recovery probability is。
Taking nodes A-E as an example, the specific calculation process is as follows.
The attack probability and the recovery probability of each node calculate the probability that the target node is successfully attacked in a series-parallel mixed state(ii) a WhereinlRepresenting the number of nodes in series, each node in series having an attack probability ofThe recovery probability is(ii) a n represents the number of branches in parallel, each branch havingEach node having an attack probability of each intermediate nodeThe recovery probability is。
The specific steps for judging that the probability that the target node is successfully attacked is lowest in the series state, under the assumption that every node has the same attack probability and the same recovery probability and that the number of nodes is the same, are as follows.
Assuming that every node has the same attack probability λ and the same recovery probability u, and that the number of nodes is the same (that is, the 5 nodes A-E), the probability that the target node is successfully attacked in the series state, in the parallel state and in the series-parallel hybrid state are respectively calculated as follows:
It is then judged that, when the number of nodes is the same, the probability that the target node is successfully attacked is lowest in the series state.
Returning to FIG. 1, in step S3, the network structure is adjusted based on the finding that, when the number of nodes is the same, the probability that the target node is successfully attacked is lowest in the series state. Based on this conclusion, when a network is constructed with the same number of nodes, the series network structure can be adopted as far as possible. When the number of nodes differs, a suitable series, parallel or series-parallel hybrid network structure can be selected by calculating the probability that the target node is successfully attacked in the different states.
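The comparison made in steps S223 and S3 can be reproduced numerically. The following is an added example, not code or formulas from the patent (whose equations are not reproduced on this page); it assumes a discrete-time infection and recovery model, arithmetic-mean aggregation of the expert estimates, and three constructed five-node layouts A-E.

```python
from itertools import product
from statistics import mean

# Constructed sample estimates from m = 3 experts (not values from the patent).
EXPERT_ATTACK = [0.35, 0.30, 0.25]
EXPERT_RECOVERY = [0.15, 0.20, 0.25]

# Constructed five-node layouts, written as node -> predecessors.
# "A" is the initial, already-infected node; "E" is the target node.
SERIES = {"B": ["A"], "C": ["B"], "D": ["C"], "E": ["D"]}
PARALLEL = {"B": ["A"], "C": ["A"], "D": ["A"], "E": ["B", "C", "D"]}
HYBRID = {"B": ["A"], "C": ["B"], "D": ["A"], "E": ["C", "D"]}


def aggregate(estimates):
    """Reduce several expert estimates to one probability.

    Using the arithmetic mean is an assumption of this example; the page
    does not show how the expert matrix is reduced.
    """
    if not estimates:
        raise ValueError("at least one estimate is required")
    for p in estimates:
        if not 0.0 <= p <= 1.0:
            raise ValueError(f"estimate {p!r} is outside [0, 1]")
    return mean(estimates)


def target_probability(preds, lam, u, target="E", source="A", steps=400):
    """Long-run probability that `target` is in the infected state.

    Assumed model: at every time step a clean node with at least one
    infected predecessor becomes infected with probability `lam`, and an
    infected node recovers with probability `u`. The source never recovers.
    The exact state distribution is propagated, so no sampling is involved.
    """
    nodes = sorted(preds)
    states = list(product((0, 1), repeat=len(nodes)))
    dist = dict.fromkeys(states, 0.0)
    dist[(0,) * len(nodes)] = 1.0          # start with every node clean
    for _ in range(steps):
        nxt_dist = dict.fromkeys(states, 0.0)
        for state, mass in dist.items():
            if mass == 0.0:
                continue
            on = dict(zip(nodes, state))
            on[source] = 1
            # Probability that each node is infected after this step.
            p_on = []
            for n in nodes:
                if on[n]:
                    p_on.append(1.0 - u)
                elif any(on[q] for q in preds[n]):
                    p_on.append(lam)
                else:
                    p_on.append(0.0)
            for nxt in states:
                pr = mass
                for bit, p in zip(nxt, p_on):
                    pr *= p if bit else 1.0 - p
                nxt_dist[nxt] += pr
        dist = nxt_dist
    idx = nodes.index(target)
    return sum(mass for state, mass in dist.items() if state[idx])


def compare_layouts(lam, u):
    """Return the target's long-run infection probability per layout."""
    return {
        "series": target_probability(SERIES, lam, u),
        "hybrid": target_probability(HYBRID, lam, u),
        "parallel": target_probability(PARALLEL, lam, u),
    }


if __name__ == "__main__":
    lam = aggregate(EXPERT_ATTACK)
    u = aggregate(EXPERT_RECOVERY)
    for name, prob in compare_layouts(lam, u).items():
        print(f"{name:8s} P(E infected) = {prob:.4f}")
```

Under this assumed model the series layout gives the target the lowest long-run infection probability for the same node count, which matches the conclusion the patent states for step S223.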
The invention utilizes the petri net to model the dynamic flow of the attack behavior of the network node, and can dynamically depict the state of each node of the network. The security analysis is carried out aiming at the connection condition of network nodes of different systems, and further, the influence on the vulnerability of the system is obtained according to different attack probabilities and repair probabilities. Therefore, the network structure can be adjusted in a targeted manner, the protection capability is enhanced, and finally the system security is improved.
A further preferred embodiment of the present invention also relates to a petri net based system vulnerability analysis system, comprising network nodes communicating with each other to form a communication network, wherein the plurality of network nodes comprise a processor and a memory, and a computer readable storage medium is stored in the memory, and when the computer readable storage medium is executed by the processor, the petri net based system vulnerability analysis method is implemented.
Further preferred embodiments of the present invention also relate to a computer-readable storage medium that, when executed by a processor, implements the petri net-based system vulnerability analysis method.
Accordingly, the present invention can be realized in hardware, software, or a combination of hardware and software. The present invention can be realized in a centralized fashion in at least one computer system, or in a distributed fashion where different elements are spread across several interconnected computer systems. Any kind of computer system or other apparatus adapted for carrying out the methods of the present invention is suited. A typical combination of hardware and software could be a general purpose computer system with a computer program that, when being loaded and executed, controls the computer system such that it carries out the methods described herein.
The present invention may also be implemented by a computer program product, comprising all the features enabling the implementation of the methods of the invention, when loaded in a computer system. The computer program in this document refers to: any expression, in any programming language, code or notation, of a set of instructions intended to cause a system having an information processing capability to perform a particular function either directly or after either or both of the following: a) conversion to other languages, codes or symbols; b) reproduced in a different format.
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted without departing from the scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from its scope. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.
Claims (10)
1. A petri net-based system vulnerability analysis method is characterized by comprising the following steps:
S1, simulating the infection process from the initial node to the target node based on series, parallel and series-parallel hybrid attack sequences to construct a Petri net infection model;
S2, calculating the probability that the target node is successfully attacked in different states based on the Petri net infection model and different infection probabilities and repair probabilities;
S3, adjusting the network structure based on the probability that the target node is successfully attacked in the different states.
2. The petri net based system vulnerability analysis method of claim 1, wherein the step S1 comprises the steps of:
S11, simulating the infection process from the initial node to the target node based on the series sequence to construct a Petri net series infection model;
S12, simulating the infection process from the initial node to the target node based on the parallel sequence to construct a Petri net parallel infection model;
S13, simulating the infection process from the initial node to the target node based on the series-parallel hybrid sequence to construct a Petri net series-parallel hybrid infection model.
3. The petri net based system vulnerability analysis method of claim 2, wherein the step S2 comprises the steps of:
S21, obtaining a series state transition diagram, a parallel state transition diagram and a series-parallel hybrid state transition diagram based on the Petri net series infection model, the Petri net parallel infection model and the Petri net series-parallel hybrid infection model, respectively;
S22, calculating the probability that the target node is successfully attacked in different states based on the series state transition diagram, the parallel state transition diagram, the series-parallel hybrid state transition diagram, the multiple evaluation attack probabilities and the multiple evaluation recovery probabilities.
4. The petri net based system vulnerability analysis method of claim 3, wherein the step S22 comprises the steps of:
s221, calculating the attack probability and the recovery probability of each node based on the evaluation attack probability and the evaluation recovery probability given to each node by m experts, wherein m is a positive integer;
s222, respectively calculating the probability that the target node is successfully attacked in the serial state, the probability that the target node is successfully attacked in the parallel state and the probability that the target node is successfully attacked in the serial and parallel mixed state based on the serial state transition diagram, the parallel state transition diagram, the serial and parallel mixed state transition diagram and the attack probability and recovery probability of each node;
and S223, assuming that the attack probability and the recovery probability of each node are the same, and under the condition of supposing that the number of the same nodes is the same, the probability that the target node is successfully attacked in the serial state is the lowest.
5. The petri net based system vulnerability analysis method of claim 4, wherein the step S221 further comprises the steps of:
s2211, constructing a probability matrix based on the evaluation attack probability and the evaluation recovery probability given by m experts to each node:
wherein $Z_1 \dots Z_m$ represent the m experts, $\lambda_1 \dots \lambda_k$ represent the attack probabilities of k nodes, $u_1 \dots u_l$ represent the recovery probabilities of l nodes, $Z\lambda_{11} \dots Z\lambda_{1k}$ represent expert 1's evaluations of the attack probabilities $\lambda_1 \dots \lambda_k$, $Zu_{11} \dots Zu_{1l}$ represent expert 1's evaluations of $u_1 \dots u_l$, …, $Z\lambda_{m1} \dots Z\lambda_{mk}$ represent expert m's evaluations of the attack probabilities $\lambda_1 \dots \lambda_k$, and $Zu_{m1} \dots Zu_{ml}$ represent expert m's evaluations of $u_1 \dots u_l$; wherein the evaluation attack probability and the evaluation recovery probability take values in $[0, 1]$;
6. The Petri net-based system vulnerability analysis method of claim 5, wherein the step S222 further comprises the steps of:
S2221, based on the series state transition diagram and the attack probability and the recovery probability of each node, calculating the probability that the target node is successfully attacked in the series state, where n represents the number of nodes in series, the probability of attack of each node is represented, representing a recovery probability for each node;
S2222, based on the parallel state transition diagram and the attack probability and the recovery probability of each node, calculating the probability that the target node is successfully attacked in the parallel state, where n denotes the number of branches in parallel, each branch having each node having an attack probability of each intermediate node the recovery probability is;
S2223, based on the series-parallel mixed state transition diagram and the attack probability and the recovery probability of each node, calculating the probability that the target node is successfully attacked in the series-parallel mixed state; wherein l represents the number of nodes in series, each node in series having an attack probability of the recovery probability is; n represents the number of branches in parallel, each branch having each node having an attack probability of each intermediate node the recovery probability is.
7. The Petri net-based system vulnerability analysis method of claim 6, wherein the step S223 further comprises:
S2231, assuming that the attack probability of each node is the same, equal to λ, that the recovery probability of each node is the same, equal to u, and that the number of nodes is the same, calculating respectively the probability that the target node is successfully attacked in the series state, in the parallel state and in the series-parallel mixed state as follows:
S2232, judging that, when the number of nodes is the same, the probability that the target node is successfully attacked in the series state is the lowest.
8. The Petri net-based system vulnerability analysis method of claim 6, wherein in the step S3, the network structure is adjusted based on the probability of successful attack of the target node being lowest in the series state when the number of nodes is the same.
9. A Petri net-based system vulnerability analysis system, comprising a plurality of network nodes communicating with each other to form a communication network, wherein the plurality of network nodes comprise a processor and a memory, and the memory stores a computer readable storage medium, and when the processor executes the computer readable storage medium, the Petri net-based system vulnerability analysis method according to any one of claims 1-8 is implemented.
10. A computer readable storage medium which, when executed by a processor, implements the Petri net-based system vulnerability analysis method of any one of claims 1-8.
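Claims 4 to 8 compare the target node's risk across series, parallel and series-parallel layouts, but the claimed formulas are not reproduced in this text. The sketch below is an added example, not the patent's own computation: it assumes column-wise averaging of the expert evaluations and a simple random-update infection/recovery chain solved over its state transition graph, and the node names, sample scores and function names are hypothetical.

```python
from statistics import mean

# Constructed sample: each row is one expert's (attack, recovery) evaluation.
EXPERT_SCORES = [[0.30, 0.20], [0.40, 0.25], [0.20, 0.15]]

# parents[v] = nodes that can infect v; [] means the initial node reaches v.
SERIES = {"a": [], "b": ["a"], "c": ["b"], "t": ["c"]}
PARALLEL = {"a": [], "b": [], "c": [], "t": ["a", "b", "c"]}
MIXED = {"a": [], "b": ["a"], "c": ["a"], "t": ["b", "c"]}

def aggregate(matrix):
    """Column-wise mean over experts (assumed rule, not taken from the page)."""
    return [mean(col) for col in zip(*matrix)]

def target_risk(parents, lam, mu, target="t", steps=3000):
    """Long-run probability that `target` is in the infected state.

    Assumed dynamics: each step picks one node uniformly; an infected node
    recovers with probability mu, a healthy node with an infected parent
    (or with no parent) is infected with probability lam.
    """
    nodes = list(parents)
    bit = {v: 1 << i for i, v in enumerate(nodes)}
    dist = {0: 1.0}  # state = bitmask of infected nodes; start all healthy
    for _ in range(steps):  # power iteration over the state transition graph
        nxt = {}
        for state, p in dist.items():
            for v in nodes:
                if state & bit[v]:
                    move, new = mu, state & ~bit[v]
                elif not parents[v] or any(state & bit[q] for q in parents[v]):
                    move, new = lam, state | bit[v]
                else:
                    move, new = 0.0, state
                share = p / len(nodes)
                nxt[new] = nxt.get(new, 0.0) + share * move
                nxt[state] = nxt.get(state, 0.0) + share * (1 - move)
        dist = nxt
    return sum(p for s, p in dist.items() if s & bit[target])

def compare(scores=EXPERT_SCORES):
    """Target risk for three 4-node layouts with equal per-node lam and mu."""
    lam, mu = aggregate(scores)
    layouts = {"series": SERIES, "parallel": PARALLEL, "mixed": MIXED}
    return {name: target_risk(g, lam, mu) for name, g in layouts.items()}

if __name__ == "__main__":
    print(compare())
```

Under these assumptions, with the same node count and equal per-node probabilities, the series layout gives the lowest target risk and the parallel layout the highest.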
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210270176.3A CN114363095B (en) | 2022-03-18 | 2022-03-18 | System vulnerability analysis method, system and medium based on petri net |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114363095A (en) | 2022-04-15 |
CN114363095B (en) | 2022-07-12 |
Family
ID=81094576
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210270176.3A Active CN114363095B (en) | 2022-03-18 | 2022-03-18 | System vulnerability analysis method, system and medium based on petri net |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114363095B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||