期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

应用不完整攻击图分析的风险评估模型 被引量:4

A Risk Assessment Model Using Incomplete Attack Graphs Analysis
原文传递
导出
摘要 为了解决完整攻击图分析法存在的滞后性问题,对攻击图分析进行研究.引入不确定及未知信息因素,实现不完整攻击图分析(IAGA),提出一种基于不完整攻击图分析的风险评估模型(IAGARAM),动态反映系统实际风险状况,有效阻止损害信息系统的入侵行为,适用于整个企业业务生命周期. To solve the hysteresis problem of complete attack graphs analysis method,the existing attack graphs analysis is researched.By importing uncertain and unknown information,an incomplete attack graphs analysis(IAGA) method is proposed.A risk assessment model based on IAGA(IAGARAM) is also proposed,that will prevent asset losses from real intrusion activities,and is applicable to the business life cycle.
作者 吴焕 潘林 王晓箴 许榕生
机构地区 中国科学院高能物理研究所计算中心 中国科学院研究生院
出处 《北京邮电大学学报》 EI CAS CSCD 北大核心 2010年第3期57-61,共5页 Journal of Beijing University of Posts and Telecommunications
基金 国家科技支撑计划重点项目(2009BAH52B06) 北京市自然科学基金面上项目(4072010)
关键词 攻击图 攻击路径 不完整攻击图分析 风险评估 风险管理 attack graphs attack path incomplete attack graphs analysis risk assessment risk management
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献7

  • 1刘晶,伏飞,戴江山,肖军模.一种基于动态建链推理的网络攻击过程分析方法[J].电子科技大学学报,2006,35(5):819-822. 被引量:1
  • 2Noel S, Robertson E, Jajodia S. Correlating intrusion events and building attack scenarios through attack graph distances[ C ]//Proceedings of the 20th Annual Computer Security Applications Conference. [ s. l. ] : IEEE Com- puter Society, 2004: 350-359.
  • 3Wang Lingyu, Singhal A, Jajodia S. Measuring the overall security of network configurations using attack graphs [ C ]//Data and Applications Security 2007. Heidelberg: Springer, 2007: 98-112.
  • 4Ammann P, Wijesekera D, Kaushik S. Scalable, graph- based network vulnerability analysis[C]//Proceedings of the 9th ACM Conference on Computer and Communications Security. Washington D C: ACM Press, 2002: 217- 224.
  • 5张永铮,方滨兴,迟悦,云晓春.网络风险评估中网络节点关联性的研究[J].计算机学报,2007,30(2):234-240. 被引量:52
  • 6Chen Feng, Su Jinshu. A flexible approach to measuring network security using attack graphs [ C ]//2008 International Symposium on Electronic Commerce and Security. Guangzhou: IEEE Computer Society, 2008: 426-431.
  • 7邓新颖,杨庚,姚放吾,李晖.基于多阶段网络攻击的网络风险评估方法研究[J].计算机工程与应用,2006,42(18):133-135. 被引量:3

二级参考文献21

  • 1Stuart McClure.黑客大曝光-网络安全机密与解决方案[M].北京:清华大学出版社,2003.
  • 2Yong-Zheng Zhang,Bin-Xing Fang,Xiao-Chun Yun.A risk assessment approach for network information system[C].In:Proceedings of the Third International Conference on Machine Learning and Cybernetics,Shanghai, 2004 : 26-29
  • 3Jerald Dawkins,John Hale.A systematic approach to multi-stage network attack analysis[C].In:Proceedings of the Second IEEE International Information Assurance Workshop(IWIA'04),Charlotte,NC,USA, 2004 : 48-56
  • 4Paul Ammann,Duminda Wijesekera,Saket Kaushie.Scalable,graphbased network vulnerability analysis[C].In:CCS'02,Washington,DC, USA, 2002 : 18-22
  • 5Skaggs B,Blackbum B,Manes Get al.Network vulnerability analysis[C]. In:Proceedings of MWSCAS-2002,Tulsa,OK,2002:493-495
  • 6Wales E.Vulnerability assessment tools[J].Network Security,2003;22(7): 15-17
  • 7T Tidwell,R Larson,K Fitch et al.Modeling Internet attacks[C].In.. Proceedings of the 2001 IEEE Workshop on Information Assurance and Security United States Military Academy,West Point,2001:5-6
  • 8Dawkins,C Campbell,R Larson et al.Modeling network attacks:Extending the attack tree paradigm[C].In:Proceedings of Third Annual International Systems Security Engineering Association Conference,FL, Orlando, 2002 : 156-159
  • 9MIT Lincoln Lab. 2000 DARPA intrusion detection scenario specific datasets[DB/OL]. http://www.11.mit.edu/IST/ideval/data/ 2000/2000-data-index.html, 2004-09-30.
  • 10Sheyner O, Haines J, Somesh J, et al. Automated generation and analysis of attack graphs[C]//Proceddings of the 2002 IEEE symposium on security and privacy, Oakland, 2002.

共引文献53

同被引文献23

引证文献4

二级引证文献43

北京邮电大学学报
2010年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部