Information Technology Reference
In-Depth Information
Symbols which are not described in the
main part of the paper are as follows:
A — Network Attack; R1, I1 — Inter-
mediate states; CI — Collection of
Information; CT — Covering Tracks
(a) Network
Attack
(b) Reconnaissance
(c) Implantation and threat realiza-
tion
Fig. 1. Examples of State Machine Diagrams
Thus, in general case, the grammar production is recorded as follows: [( U )] X α
( Prob ), where U — the condition for the rule usage, [ ] — an optional element, X —
non-terminal symbol, α a string of terminal and non-terminal symbols, Prob — the
initial value of probability of the rule usage. It is assumed that if a value of the pro-
duction condition is not determined at the moment of production selection all avail-
able productions may be used at the respective step of attack simulation. Also it is
supposed that the terminal actions generated by productions are associated with the
probabilities of successful realization of those actions (attacks) and the host response.
Algorithmic representation of the attack generation specified as a family of formal
generalized grammars was implemented by a family of state machines .
The basic elements of each state machine are states and transition arcs. States of
each state machine are divided into three types: first (initial), intermediate, and final
(marker of this state is End ). The initial and intermediate states are the following:
Search WWH ::




Custom Search