[1] Zhou Wei, Zhang Hong, Li Bohan. Network risk assessment method based on attack-defense graph model[J]. Journal of Southeast University (Natural Science Edition), 2016, 46(4): 688-694. [doi:10.3969/j.issn.1001-0505.2016.04.003]

Network risk assessment method based on attack-defense graph model

Journal of Southeast University (Natural Science Edition) [ISSN: 1001-0505 / CN: 32-1178/N]

Volume:
46
Issue:
No. 4, 2016
Pages:
688-694
Column:
Computer Science and Engineering
Publication date:
2016-07-20

Article Information

Title:
Network risk assessment method based on attack-defense graph model
Author(s):
Zhou Wei¹, Zhang Hong¹, Li Bohan²
¹ School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, China
² School of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 211106, China
Keywords:
information network; risk assessment; attack-defense graph
Classification number:
TP391.41
DOI:
10.3969/j.issn.1001-0505.2016.04.003
Abstract:
Using a bottom-up analysis method, a hierarchical network security risk assessment framework is proposed. The framework divides network security risk into two parts, vulnerability security risk and attack security risk, and assesses the security risk of a computer network layer by layer according to the network hierarchy. On this basis, the concept of vulnerability reputation (confidence) in the attack-defense graph is introduced to measure how credible it is that a vulnerability exists in the attack-defense graph. Taking into account the results of multiple vulnerability scanners, a network risk assessment method based on the attack-defense graph model is proposed. The method computes the reputation of each individual vulnerability and combines it with the hazard index of each type of vulnerability and the attack hazard index to derive the vulnerability security risk and attack security risk of a node, from which the security risk value of a single node is assessed. The security risk of the whole network is then quantified according to the weight of each node. Experimental results show that the proposed method can effectively and reasonably assess the risk and security status of a given network.

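Memo

Received: 2016-01-15.
About the authors: Zhou Wei (born 1979), male, Ph.D. candidate; Zhang Hong (corresponding author), male, Ph.D., professor, doctoral supervisor, zhhong@mail.njust.edu.cn.
Cite this article: Zhou Wei, Zhang Hong, Li Bohan. Network risk assessment method based on attack-defense graph model[J]. Journal of Southeast University (Natural Science Edition), 2016, 46(4): 688-694. DOI:10.3969/j.issn.1001-0505.2016.04.003.
Last Update: 2016-07-20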