基于对象Petri网的信任攻击建模与分析

doi:10.16182/j.issn1004731x.joss.201708009

摘要/Abstract

摘要： 在信任攻击图的基础上,提出了一种面向对象的信任攻击Petri网模型,该模型动态描述了攻击者在信任主体对象部件间的攻击行为。通过引入对象Petri网,使信任主体对象和部件间的信任攻击关系在Petri网中展现,从而模拟仿真了部件间协同工作的场景;根据重新编写的信任关系重建规则,提出了信任攻击路径推理算法,使攻击者在进行攻击的同时掌握攻击部件的危害度变化,从而决定进攻方向,找出到达攻击目标的最大威胁度攻击路径。最后用实例验证了该模型能够动态描述信任主体对象部件间的攻击关系,并准确找到信任环境中的信任攻击路径。

关键词: 信任, 信任攻击, 对象Petri网, 信任关系重建, 信任攻击路径

Abstract: On the basis of trust attack graph, the object-oriented trust attack Petri net model was put forward, the dynamic model described the attack behaviors among components of trust entity object. By introducing the object Petri net, the trust attack relations between trust entity objects and components were shown in the Petri net, simulating the collaborative work between the components. According to the new trust relation reconstruction rules, a trust attack path inference algorithm was proposed to make the attacker knowing the changes of harmfulness when attacking the components, thus the attacker could decide the attack direction. The maximal threat path which could arrive at an attack goal could be searched out. An experiment shows that the model can describe the dynamic trust entity object attack relations between components, and accurately find the trust attack path in the trust environment.

Key words: trust, trust attack, object Petri net, trust relation reconstruction, trust attack path

中图分类号:

TP393.08

黄光球, 白璐. 基于对象Petri网的信任攻击建模与分析[J]. 系统仿真学报, 2017, 29(8): 1702-1711.

Huang Guangqiu, Bai Lu. Modeling and Analysis of Trust Attack Based on Object-oriented Petri Net[J]. Journal of System Simulation, 2017, 29(8): 1702-1711.

参考文献

[1] 中国互联网信息中心. 中国互联网络发展状况统计报告[EB/OL]. (2015-02-03) [2015-09-24]. http://www.cnnic.net.cn /hlwfzyj/hlwxzbg/201502/P020150203551802054676.pdf.
[2] Blaze M, Feigenbaum J.Decentralized trust management [C]// Proceedings of the 17th Symposium on Security and Privacy. USA: IEEE Computer Society Press, 1996: 164-173.
[3] Yu B, Singh M P.Distributed reputation management for electronic commerce[J]. Computational Intelligence (S1860-949X), 2002, 18(4): 535-549.
[4] Almenárez F, Marín A, Díaz D, et al.Trust management for multimedia P2P applications in autonomic networking[J]. Ad Hoc Networks (S1570-8705), 2011, 9(4): 687-697.
[5] Yu Y, Li K, Zhou W, et al.Trust mechanisms in wireless sensor networks: Attack analysis and countermeasures[J]. Journal of Network and Computer Applications (S1084-8045), 2012, 35(3): 867-880.
[6] Xia H, Jia Z, Li X, et al.Trust prediction and trust-based source routing in mobile ad hoc networks[J]. Ad Hoc Networks (S1570-8705), 2013, 11(7): 2096-2114.
[7] Li X, Zhou F, Yang X.Scalable feedback aggregating (SFA) overlay for large-scale P2P trust management[J]. IEEE Transactions on Parallel and Distributed Systems (S1045-9219), 2012, 23(10): 1944-1957.
[8] Can A B, Bhargava B.SORT: A Self-Organizing Trust Model for Pee-to-Peer Systems[J]. IEEE Transactions on Dependable and Secure Computing (S1545-5971), 2013, 10(1): 14-27.
[9] 唐文, 陈钟. 基于模糊集合理论的主观信任管理模型研究[J]. 软件学报, 2003, 14(8): 1401-1408.
(Tang Wen, Chen Zhong.Research of Subjective Trust Management Model Based on the Fuzzy Set Theory[J]. Journal of Software (S1000-9825), 2003, 14(8): 1401-1408.)
[10] 胡建理, 周斌, 吴泉源. 一种P2P信任管理安全性协议[J]. 计算机科学, 2011, 38(10): 64-67, 90.(Hu Jianli, Zhou Bin, Wu Quanyuan. Security Protocol for Protecting the P2P Trust Information Management [J]. Computer Science (S1002-137X), 2011, 38(10): 64-67, 90.)
[11] 胡建理, 周斌, 吴泉源. P2P网络环境下基于信誉的分布式抗攻击信任管理模型[J]. 计算机研究与发展, 2011, 48(12): 2235-2241.
(Hu Jianli, Zhou Bin, Wu Quanyuan.A Reputation Based Attack-Resistant Distributed Trust Management Model for P2P Networks[J]. Journal of Computer Research and Development (S1000-1239), 2011, 48(12): 2235-2241.)
[12] 冯景瑜, 张玉清, 陈深龙, 等. P2P声誉系统中GoodRep攻击及其防御机制[J]. 计算机研究与发展, 2011, 48(8): 1473-1480.
(Feng Jing-yu, Zhang Yu-qing, Chen Shen-long, et al.GoodRep Attack and Defense in P2P Reputation Systems[J]. Journal of Computer Research and Development (S1000-1239), 2011, 48(8): 1473-1480.)
[13] 陆秋琴, 和涛, 黄光球, 等. 信任攻击建模方法[J]. 计算机工程与应用, 2012, 48(12): 129-135.
(Lu Qiuqin, He Tao, Huang Guangqiu, et al.Trust attack modeling[J]. Computer Engineering and Applications (S1002-8331), 2012, 48(12): 129-135.)
[14] 陆秋琴, 和涛, 黄光球, 等. 面向对象粗糙信任攻击威胁感知模型[J]. 计算机工程与应用, 2012, 48(30): 103-176.
(Lu Qiuqin, He Tao, Huang Guangqiu, et al.Object- oriented rough trust attack threat perception model[J]. Computer Engineering and Applications (S1002-8331), 2012, 48(30): 103-176.)
[15] 田俊峰, 吴丽娟. 基于多项式主观逻辑的扩展信任传播模型[J]. 通信学报, 2013, 34(5): 12-19.
(Tian Junfeng, Wu Lijuan.Multinomial subjective logic based extended trust propagation model[J]. Journal of Communications (S1000-436X), 2013, 34(5): 12-19.)
[16] 舒远仲, 刘炎培, 彭晓红, 等. 面向对象Petri网建模技术综述[J]. 计算机工程与设计, 2010, 31(15): 3432-3435.
(Shu Yuanzhong, Liu Yanpei, Peng Xiaohong, et al.Survey on object-oriented Petri net modeling[J]. Computer Engineering and Design (S1000-7024), 2010, 31(15): 3432-3435.)
[17] 吴迪, 冯登国, 连一峰, 等. 一种给定脆弱性环境下的安全措施效用评估模型[J]. 软件学报, 2012, 23(7): 1880-1898.
(Wu Di, Feng Dengguo, Lian Yifeng, et al.Efficiency Evaluation Model of System Security Measures in the Given Vulnerabilities Set[J]. Journal of Software (S1000-9825), 2012, 23(7): 1880-1898.)
[18] 陈锋, 刘德辉, 张怡, 等. 基于威胁传播模型的层次化网络安全评估方法[J]. 计算机研究与发展, 2011, 48(6): 945-954.
(Chen Feng, Liu Dehui, Zhang Yi, et al.A Hierarchical Evaluation Approach for Network Security Based on Threat Spread Model[J]. Journal of Computer Research and Development (S1000-1239), 2011, 48(6): 945-954.)
[19] 王玥, 蔡皖东, 段琪. 基于遗传算法的网络脆弱性计算方法[J]. 系统仿真学报, 2009, 21(6): 1628-1632.
(Wang Yue, Cai Wandong, Duan Qi.Computing Vulnerability of Network Based on Genetic Algorithm[J]. Jounal of System Simulation (S1004-731X), 2009, 21(6): 1628-1632.)