	US 11,997,128 B2
	Method and apparatus for predicting attack vulnerability of computer network
Ki Jong Koo, Daejeon (KR); Dae Sung Moon, Daejeon (KR); Jooyoung Lee, Daejeon (KR); Ik Kyun Kim, Daejeon (KR); Kyungmin Park, Daejeon (KR); and Ho Hwang, Daejeon (KR)
Assigned to ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE, Daejeon (KR)
Filed by ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE, Daejeon (KR)
Filed on Aug. 5, 2021, as Appl. No. 17/394,989.
Claims priority of application No. 10-2020-0098708 (KR), filed on Aug. 6, 2020.
Prior Publication US 2022/0046048 A1, Feb. 10, 2022
Int. Cl. H04L 29/06 (2006.01); G06F 9/455 (2018.01); G06N 3/08 (2023.01); G06N 5/046 (2023.01); H04L 9/40 (2022.01)

CPC H04L 63/1433 (2013.01) [G06F 9/455 (2013.01); G06N 3/08 (2013.01); G06N 5/046 (2013.01)]

15 Claims

1. A method for predicting an attack vulnerability of a target computer network using a neural network model, the method comprising:

collecting topology and asset information of a computer network which is created in a virtual environment;

converting the topology and asset information into a training data set for training the neural network model;

training the neural network model based on the training data set; and

inferring the attack vulnerability of the target computer network using the trained neural network model,

wherein

the collecting topology and asset information of the computer network which is created in a virtual environment comprises:

constructing a virtual topology of the computer network in the virtual environment;

calculating a vulnerability score of each of a plurality of hosts included in the constructed virtual topology;

generating a host connection matrix between the plurality of hosts; and

generating an attack path table corresponding to the topology based on the host connection matrix and the vulnerability score of each of the plurality of hosts.