期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种新的基于任务的安全量化评估方法 被引量:1

New Quantitative Method Based on Mission for Security Assessment
下载PDF
导出
摘要 提出了一种基于任务模型的安全量化评估方法,应用于静态的弱点评估和动态的威胁评估。与传统的风险评估方法相比,该模型以组织的任务目标为核心,避免主观偏见,排除大量无关弱点和威胁对评估的负面影响,评估结果更可信。实例分析表明,该方法能更准确、更全面的度量网络系统的安全性。 A new quantitative method based on mission tree for security assessment was proposed. It was applied for static vulnerability assessment and dynamic threat assessment. Compared with traditional risk assessment methods, this model took organizational mission target as core. It avoided the subjective bias, excluding negative influence of a great deal of irrelevant vulnerability and threat. A case indicates that this method can measure the security of network system more accurately and generally.
作者 马琳茹 杨林 王建新
机构地区 国防科学技术大学电子科学与工程学院 中国电子设备系统工程公司研究所
出处 《系统仿真学报》 EI CAS CSCD 北大核心 2007年第15期3372-3375,共4页 Journal of System Simulation
基金 国防"十一五"预研基金(9140A150601)
关键词 任务模型 关键状态 静态评估 动态评估 mission model key state static assessment dynamic assessment
分类号 TP391.9 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献7

  • 1Kim G H,Spafford E H.Writing.Supporting,and Evaluating Tripwire:A Publicly Available Security Tool[C]//UNIX Application Development Symposium.Toronto,Canada:the USENIX Association,1994:88-107.
  • 2Hamilton C R.Risk Management and Security[J].Information Systems Security (S1065-898X),1999,8(2):69-78.
  • 3Clark K,Dawkins J,Hale J.Security Risk Metrics:Fusion Enterp -rise Objectives and Vulnerabilities[C]//Proceedings of the 2005 IEEE Workshop on Information Assurance and Security.West Point,NY:United States Military Academy,2005.
  • 4Swanson M,Bartol N,Sabaro J,Hash I,Craffo L.Security metrics guide for information technology systems[M].U.S:National Institute for Standards Publication 800-55,2003.
  • 5Kendall K.A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems,Master's Thesis[D].Boston:Massachusetts Institute of Technology,1999.
  • 6H S Venter,J H P Eloff.Harmonised Vulnerability Categories[J].South African Computer Journal (S1015-7999),2003,29:24-31.
  • 7陈秀真,郑庆华,管晓宏,林晨光.网络化系统安全态势评估的研究[J].西安交通大学学报,2004,38(4):404-408. 被引量:72

二级参考文献5

  • 1[1]Tim B. Multisensor data fusion for next generation distributed intrusion detection systems[A]. 1999 IRIS National Symposium on Sensor and Data Fusion, Laurel,USA,1999.
  • 2[2]Tim B. Intrusion systems and multisensor data fusion: creating cyberspace situational awareness[J]. Communications of the ACM, 2000, 43(4): 99~105.
  • 3[3]Martin R, Chris G.Snort users manual, Snort release 2.0.0[EB/OL].http://www.snort.org/docs/SnortUsersManual.pdf,2002-07-06.
  • 4[4]Tim B, Roger R. Defense-in-depth revisited:qualitative risk analysis methodology for complex network-centric operations[EB/OL].http://www.silkroad.com/papers/pdf/archives/defense-in-depth-revisited-original.pdf,2002-07-23.
  • 5[5]Honeynet Project.Know your enemy: statistics[EB/OL].http://www.HoneyNet.org/papers/stats/, 2001-07-22.

共引文献71

同被引文献7

引证文献1

二级引证文献26

系统仿真学报
2007年 第15期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部