Intrusive intention recognition based on attack path graph

In order to predict an attacker's high level goals and assess network security situation, an intrusive intention recognition method is presented in this paper. Concept and taxonomy of intrusive intention are introduced at first. Then, to reduce complexity of understanding and analysis, a method of hierarchical attack path graph generation is proposed to recognize intrusive intention. Based on the attack path graph, the algorithms for evaluating quantitatively intention accessibility, reliable probability, attack path prediction and possible minimum attack path are developed. Next, economical and effective protective measures are addressed to block attackers' intention to be achieved, by applying minimum vertex cut set theory to directed graph. Finally several experiments are done to prove the feasibility and validity of this method.