The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Intention recognition is the ability to predict an opposing forcepsilas high level goals. Knowing an attackerpsilas intention can support the decision-making of the network security administrators. Furthermore intent analysis plays an import role in the calculation of the inherent threat value. So how to recognize attack intention has become a research hot in network security domain recently.In this paper taxonomy of attack intention characterized by consequences of attack and targets of attack is introduced at first. Then a graphical model based on network security state is presented and used to recognize attack intention. D-S evidence theory is also introduced to deal with the uncertainty in the process of intent inference. Next algorithms of intention recognition and threat assessment are given in detail in order to offer a way to assess the network security situation. Finally several experiments are done in a local network. The results of the experiments prove the feasibility and validity of this method.