APT Attack Prediction Model for Power Data Network Based on Ant Colony Algorithm

doi:10.3969/j.issn.1006-2475.2019.01.017

Abstract

Abstract: Advanced Persistent Threat (ATP) continuously collects business processes and target systems of attack objects in advance by the way of multi-dimension, multi-stage and multi-object, and anonymously implements data theft of network space. The power network has the natural stability demand, it covers a wide range, involves large scale and has great loss after disaster. There exist the problems of the limited security domain of network node fragmentation and the dynamic detection of the whole domain feature in current APT attack predictions. In this paper, an ATP attack prediction model for power data network based on ant colony algorithm is proposed. By designing the global trusted system model of power network, we use manifold to spread the security boundary and link the fragmented nodes to ensure global security control. The time model of APT attack is built to realize the damage analysis of the attack to the trusted system. Attack prediction model is equivalent to ant colony pheromone, which realizes automatic tracking and adaptation of APT attack. The tests and simulations show that the new model improves prediction accuracy by 12.6%.

Key words: advanced persistent threat, security threat, attack prediction, ant colony algorithm

CLC Number:

TP391

LIANG Jing-liang, HUANG Jun-sheng, BAI Shu-jun, WANG Peng, LI Rui. APT Attack Prediction Model for Power Data Network Based on Ant Colony Algorithm[J]. Computer and Modernization, doi: 10.3969/j.issn.1006-2475.2019.01.017.

References

［1］张瑜,潘小明,LIU Q Z,等. APT攻击与防御［J］. 清华大学学报(自然科学版), 2017,57(11):1127-1133.
［2］ CHEN J, SU C, YEH K H, et al. Special issue on advanced persistent threat［J］. Future Generation Computer Systems, 2018,79:243-246.
［3］程三军,王宇. APT攻击原理及防护技术分析［J］. 信息网络安全, 2016(9):118-123.
［4］付钰,李洪成,吴晓平,等. 基于大数据分析的APT攻击检测研究综述［J］. 通信学报, 2015,36(11):1-14.
［5］佟海奇. 面向未知木马的APT攻击检测方法研究［D］. 北京:北京邮电大学, 2015.
［6］张小松,牛伟纳,杨国武,等. 基于树型结构的APT攻击预测方法［J］. 电子科技大学学报, 2016,45(4):582-588.
［7］ LI F, LAI A, DDL D. Evidence of advanced persistent threat: A case study of malware for political espionage［C］// 2011 6th International Conference on Malicious and Unwanted Software. 2011:102-109.
［8］张瑜,LIU Q Z,李涛,等. 基于危险理论的APT攻击实时响应模型［J］. 四川大学学报(工程科学版), 2015,47(4):83-90.
［9］刘东鑫,刘国荣,王帅,等. 面向企业网的APT攻击特征分析及防御技术探讨［J］. 电信科学, 2013,29(12):158-163.
［10］MARCHETTI M, PIERAZZI F, COLAJANNI M, et al. Analysis of high volumes of network traffic for advanced persistent threat detection［J］. Computer Networks, 2016,109(Part 2):127-141.
［11］张之硕. 邮箱服务器APT攻击检测与防御工具的设计及实现［D］. 南京:南京大学, 2013.
［12］AUTY M. Anatomy of an advanced persistent threat［J］. Network Security, 2015, 2015(4):13-16.
［13］糜旗,朱杰,徐超,等. 基于APT网络攻击的技术研究［J］. 计算机与现代化, 2014(10):92-94,122.
［14］肖跃雷. 可信网络连接关键技术研究及其应用［D］. 西安:西安电子科技大学, 2013.
［15］马卓,马建峰,李兴华,等. 可证明安全的可信网络连接协议模型［J］. 计算机学报, 2011,34(9):1669-1678.
［16］曾梦凡,陈思洋,张文茜,等. 利用蚁群算法生成覆盖表:探索与挖掘［J］. 软件学报, 2016,27(4):855-878.
［17］吴华锋,陈信强,毛奇凰,等. 基于自然选择策略的蚁群算法求解TSP问题［J］. 通信学报, 2013,34(4):165-170.
［18］付永忠,潘云峰. 基于改进蚁群算法的垂直旋转式贴片机贴装顺序优化［J］. 计算机与现代化, 2017(8):17-21.
［19］王红凯,黄益彬,马志程. 电网信息安全设备联动关键技术［J］. 计算机与现代化, 2017(2): 57-60.

[1]	ZHANG Xiong, PAN Da-zhi, . Ant Colony Algorithm Combining Neighborhood Search Strategy for Vehicle Routing Problem with Time Window [J]. Computer and Modernization, 2022, 0(03): 98-102.
[2]	QU Jian-bo, SUN Jian-wei. Ant Colony Algorithm-based Navigation Satellite Power Enhancement Mission Planning [J]. Computer and Modernization, 2021, 0(02): 104-108.
[3]	GAO Yue-ren, WU Tao, GAO Xia. Dynamic Routing of Routing Frequency Based on Ant Colony Algorithm Optimization [J]. Computer and Modernization, 2020, 0(12): 32-37.
[4]	LI Xian-liang1，2, ZHOU Qing-ping2, TAN Chang-geng3, TAN Yan-liang2, XU Ze-yang2. Optimal Location of Urban Sports Facilities Based on Ant Colony Algorithm [J]. Computer and Modernization, 2020, 0(03): 33-.
[5]	YE Jia-qi1, FU Qiang1,2, HE Yi-jia1, YE Hao1 . Ant Colony Algorithm Based on Clustering Integration for Solving Large-scale TSP Problems [J]. Computer and Modernization, 2020, 0(02): 31-.
[6]	FU Yongzhong, PAN Yunfeng. Mounting Sequence Optimization for Vertical Rotary Chip Mounter #br# Based on Improved Ant Colony Algorithm [J]. Computer and Modernization, 2017, 0(8): 17-.
[7]	LING Yun-xiang1,2, SONG Zhi-yuan1, ZHANG Shi-hai1, MA Li2. Routing Optimization Problem of Vehicle Transport in Plateau Region Based on Ant Colony Algorithm [J]. Computer and Modernization, 2016, 0(9): 77-82.
[8]	CAI Ming， ZUO Yongan. A Hybrid Ant Colony Algorithm Based on MapReduce [J]. Computer and Modernization, 2016, 0(10): 6-.
[9]	CAI Wenzhe, WANG Binjun. A QoS Routing Algorithm for Plane Network Based on Ant Colony Algorithm [J]. Computer and Modernization, 2015, 0(12): 15-.
[10]	CHEN Man-qing1, WU Zi-rong1, CUI Wei-ning1, CHANG Ting-ting2. Application of Improved Ant Colony Optimization Algorithm in Equipment Support Route Selection [J]. Computer and Modernization, 2015, 0(11): 113-117.
[11]	ZHU Wei-xiao, ZHU Qian-wang, CHEN Kang. Sea Fleet Sensor Resource Allocation Model Based on Improved Ant Colony Algorithm [J]. Computer and Modernization, 2014, 0(12): 15-18+22.
[12]	LIU Xiao-xi;LI Zhuo-yue. Load Balancing of Cloud Environment Based on Optimized Ant Colony Algorithm [J]. Computer and Modernization, 2013, 1(9): 42-45.
[13]	YUAN Dong-feng;L Cong-ying. Application of Improved Ant Colony Algorithm for Quadratic Assignment Problems [J]. Computer and Modernization, 2013, 1(3): 9-11,1.
[14]	XIA Xianzhi;DU Xinyu;ZHENG Yangfei. Attribute Reduction Based on Ant Colony Genetic Algorithm [J]. Computer and Modernization, 2013, 1(1): 25-28.
[15]	LIANG De-sai;LIANG Gao-ye;WEI Si-qing. Solving Traveling Salesman Problem by an Adaptive Ant Colony Algorithm [J]. Computer and Modernization, 2012, 203(7): 14-16,2.