摘要
网络中的关键主机对网络的整体安全性有重大影响,但目前缺少有效方法在网络中寻找关键主机.该文对网络关键主机进行定义和分类,提出一种关键主机的寻找方法.将主机攻击图生成算法与迭代矩阵相结合,计算网络中各主机的相关安全属性并排序,使网络安全管理员能方便而有效地找出网络中的3类关键主机及对应的关键临界条件,从而采取相应措施保护关键主机.实验表明该方法可用于网络安全性分析,对提升网络整体安全性有重要意义.
Security of the key host is of prime importance to the overall network, but locating the key host di^cult. This paper gives a definition of key hosts, provides their classification, and propose an approach to finding the key hosts. The method uses the host-based attack graph and the theory of iterative matrix. By computing and sorting the security properties of each host, the network security administrator can identify key hosts and the corresponding key critical-conditions. Appropriate measures can then be taken to protect the key hosts and enhance the overall network security. Experiment shows that this approach can be applied to the analysis of network security, and is useful for the enhancement of network security.
出处
《应用科学学报》
EI
CAS
CSCD
北大核心
2012年第4期374-378,共5页
Journal of Applied Sciences
基金
国家自然科学基金(No.61003285)
国家发改委信息安全专项基金
教育部科学技术研究重点项目基金
中央高校基本科研业务费专项资金(No.BUPT2009RC0215)资助
关键词
关键主机
主机攻击图
迭代矩阵
网络安全
key host
host-based attack graph
iterative matrix
network security