本文已被:浏览 1429次 下载 3001次
Received:September 15, 2011 Revised:November 06, 2011
Received:September 15, 2011 Revised:November 06, 2011
中文摘要: 网络脆弱点有导致访问者权限变更的隐患。从攻击者如何利用脆弱点获取目标实体未授予访问权限的角度出发,本文通过对拥有权限变更特征的脆弱点统一建模,引入take 权限变更规则和脆弱点权限变更规则的概念,在构建权限变更图基础上利用脆弱性权限变更算法进行权限变更路径的分析,得到网络权限变更闭包图及相应的权限获取路径。最后通过构建相应的网络实例分析并证明该方法的有效性。
Abstract:Network vulnerability can lead to right-variation. From the view of how an attacker uses the vulnerabilities to achieve the unauthorized right of the destination entity, this paper models the vulnerabilities which lead to right-variation and introduces the concept of take rule and vulnerability right-variation rule. Based on the constructed right-variation model and the rules, the right-variation road closure can be achieved by using the vulnerability right-variation algorithm. A vulnerable network is modeled as the study case and it shows the effectiveness of the approach.
文章编号: 中图分类号: 文献标志码:
基金项目:广东省科技计划项目(2009B090300326)
| Author Name | Affiliation |
| MO Qiu-Mei | School of Computer, South China Normal University, Guangzhou 510631, China |
| CHEN Qi-Mai | School of Computer, South China Normal University, Guangzhou 510631, China |
| Author Name | Affiliation |
| MO Qiu-Mei | School of Computer, South China Normal University, Guangzhou 510631, China |
| CHEN Qi-Mai | School of Computer, South China Normal University, Guangzhou 510631, China |
引用文本:
莫秋妹,陈启买.基于权限变更规则的网络脆弱性分析方法.计算机系统应用,2012,21(6):96-100
MO Qiu-Mei,CHEN Qi-Mai.Right-Variation Rule Based Network Vulnerability Analysis.COMPUTER SYSTEMS APPLICATIONS,2012,21(6):96-100
莫秋妹,陈启买.基于权限变更规则的网络脆弱性分析方法.计算机系统应用,2012,21(6):96-100
MO Qiu-Mei,CHEN Qi-Mai.Right-Variation Rule Based Network Vulnerability Analysis.COMPUTER SYSTEMS APPLICATIONS,2012,21(6):96-100
