| 一个网络安全风险评估模型的研究与设计 |
| |
| 引用本文: | 冯妍,房鼎益,陈晓江.一个网络安全风险评估模型的研究与设计[J].计算机应用与软件,2007,24(5):28-31. |
| |
| 作者姓名: | 冯妍 房鼎益 陈晓江 |
| |
| 作者单位: | 1. 西北大学计算机科学系,陕西,西安,710127;西北农林科技大学信息工程学院,陕西,杨凌,712100
2. 西北大学计算机科学系,陕西,西安,710127 |
| |
| 基金项目: | 陕西省自然科学基金
,
航空基础科学基金 |
| |
| 摘 要: | 风险评估是综合的网络安全体系的基础和关键.在传统的风险评估中,大粒度的评测结果不能给管理员提供切实有用的信息.对此,提出了基于漏洞扫描和攻击效果评测的安全评估模型,采用自下而上、先局部后整体的层次化评估策略,利用服务和主机自身的重要性因子加权,分别计算服务、主机以及整个网络系统的风险指数,进而分析整个系统的安全态势.仿真试验测试表明,该模型能够准确评估服务、主机和网络系统3个层次的安全态势,在一定程度上提高了评估结果的准确性和一致性.
|
| 关 键 词: | 网络安全 风险评估 脆弱性 攻击 风险指数 网络系统 安全风险 评估模型 研究 设计 ASSESSMENT MODEL RISK NETWORK DESIGN 一致性 评估结果 程度 层次化 评估服务 试验测试 仿真 安全态势 分析 风险指数 计算服务 |
| 修稿时间: | 2005-10-13 |
RESEARCH ON THE DESIGN OF NETWORK RISK ASSESSMENT MODEL |
| |
| Feng Yan,Fang Dingyi,Chen Xiaojiang.RESEARCH ON THE DESIGN OF NETWORK RISK ASSESSMENT MODEL[J].Computer Applications and Software,2007,24(5):28-31. |
| |
| Authors: | Feng Yan Fang Dingyi Chen Xiaojiang |
| |
| Abstract: | Risk evaluation is the foundation of network security management. In traditional risk evaluation, useful security information cannot be obtained from big granularity assessment results. To cope with the problem, a new model based on vulnerability scan and attack effect evaluation, is proposed, which adopts a hierarchical evaluation policy, called "bottom to top, local to global" , to calculate the risk exponents of service, host and network system respectively by weighting the importance of service and host. A prototype is initially implemented which can evaluate the security situation in three levels; service, host and network system. Experiments show that the system can improve accuracy and consistency of assessment in certain extent. |
| |
| Keywords: | Network security Risk evaluation Vulnerability Attack Risk exponent |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
