[1]马荟平,李 鹏,肖 航,等.基于贝叶斯攻击图的 RFID 系统安全评估模型[J].计算机技术与发展,2024,34(02):113-119.[doi:10. 3969 / j. issn. 1673-629X. 2024. 02. 017]
　MA Hui-ping,LI Peng,XIAO Hang,et al.RFID System Security Evaluation Model Based on Bayesian Attack Graph[J].,2024,34(02):113-119.[doi:10. 3969 / j. issn. 1673-629X. 2024. 02. 017]

点击复制

基于贝叶斯攻击图的 RFID 系统安全评估模型()

分享到：

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:

34

期数:

2024年02期

页码:

113-119

栏目:

网络空间安全

出版日期:

2024-02-10

文章信息/Info

Title:

RFID System Security Evaluation Model Based on Bayesian Attack Graph

文章编号:

1673-629X(2024)02-0113-07

作者:

马荟平¹ ; 李 鹏¹; 2 ; 肖 航¹ ; 朱 枫¹; 2

1. 南京邮电大学 计算机学院,江苏 南京 210023;

2. 江苏省无线传感网络高技术研究重点实验室,江苏 南京 210023

Author(s):

MA Hui-ping1 ; LI Peng1; 2 ; XIAO Hang1 ; ZHU Feng1; 2

1. School of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210023,China;

2. Institute of Network Security and Trusted Computing,Nanjing 210023,China

关键词:

贝叶斯; 射频识别技术; 攻击图; 原子攻击; 属性节点; 安全评估

Keywords:

Bayesian; radio frequency identification; attack graph; atomic attack; attribute node; security evaluation

分类号:

TP393. 08

DOI:

10. 3969 / j. issn. 1673-629X. 2024. 02. 017

摘要:

针对目前 RFID( Radio Frequency Identification,射频识别技术) 系统安全分析中忽略攻击事件对系统安全状态动态影响的问题,为了有效实现 RFID 系统的安全风险评估,文章提出了一种基

于贝叶斯攻击图的 RFID 系统安全评估模型。该模型首先通过对 RFID 系统结构、所用协议进行分析确定系统的脆弱性漏洞及其依赖关系,建立攻击图。 针对攻击图模型只能进行定性分析的问题,构建出相应的攻击图模型结构后可以结合贝叶斯理论对其进行量化。 依据漏洞的利用难易度和影响程度建立 RFID 漏洞量化评价指标,计算出对应的原子攻击概率,然后以条件转移

概率的形式将攻击节点与RFID 系统的安全属性节点联系在一起,不仅能推断攻击者能够成功到达各个属性节点的风险概率,而且能够依据攻击者的不同行为动态展示系统风险状况的变化,实现评估不同状态下目标 RFID 系统的整体风险状况。 实验表明,所提模型可以有效地计算出 RFID 系统整体的风险概率,为后续实施对应的安全策略提供理论依据。

Abstract:

Aiming at the problem of ignoring the dynamic influence of attack events on the system security state in the current RFIDsystem security analysis,in order to effectively realize the security risk assessment of RFID system,we propose a security assessmentmodel of RFID system based on Bayesian attack graph. The model firstly determines the vulnerability and dependence of the system byanalyzing the RFID system structure and the protocol used, and establishes the attack diagram. For the problem that the attack graphmodel can only be qualitatively analyzed,the corresponding attack graph model structure can be quantified by combining Bayes theory.The RFID vulnerability quantitative evaluation index is established according to the exploit difficulty and impact degree of thevulnerability,the corresponding atomic attack probability is calculated,and then the attack node is associated with the security attributenode of the RFID system in the form of conditional transfer probability,which can not only infer the risk probability that the attacker cansuccessfully reach each attribute node. Moreover, it can dynamically display the changes of the system risk status according to thedifferent behaviors of the attacker,and realize the overall risk status of the target RFID system under different states. The experimentshows that the proposed model can effectively calculate the risk probability of the whole RFID system,and provide a theoretical basis forthe subsequent implementation of the corresponding security strategy.

常用功能