Hidden target recognition method for high-speed network security threats based on attack graph theory

Abstract

Instantaneous traffic changes in high-speed networks will interfere with abnormal traffic characteristics, making it difficult to accurately identify hidden targets of security threats. This paper designs a high-speed network security threat hidden target recognition method based on attack graph theory. Using the high-speed network traffic reduction method, under the condition that the network topology remains unchanged, the instantaneous input traffic is reduced according to a certain proportion, and after compressing the flow data scale, the abnormal traffic of the high-speed network is identified through the convolutional recurrent neural network, and the information entropy is used to describe the high-speed network. The abnormal traffic characteristics of the network are used as constraints to design an attack graph of hidden targets of high-speed network security threats, and an attack path discovery method based on multi-heuristic information fusion is designed to extract attack paths of high-speed networks, locate attacking hosts, and identify hidden threat targets. In the experiment, the method can accurately identify the hidden targets of high-speed network security threats, and has better identification ability.