基于动态攻击图的网络安全实时评估

Real-time Network Security Assessment Based on Dynamic Attack Graph

针对网络安全评估对实时性及可视化的需求,提出了一种基于动态攻击图的实时评估方法。首先通过采集网络的脆弱性、网络拓扑、资产价值等安全属性信息,同时提取入侵检测系统的报警信息、防火墙策略、安全管理等动态攻防对抗信息,生成动态攻击图,并实时调整防御手段对网络进行及时、有效的保护,实时地对网络系统的安全状态进行评估,并采用可视化的方法展现评估结果,在此基础上给出整体安全策略调整建议。最后通过实验证明了本方法的可行性和有效性。

In order to evaluate the network security, a real-time security assessment method based on dynamic attack graph was presented. At first, network security related information such as network vulnerabilities, topology informa- tion, asset value, II）S alerts, and firewall rules was fused into attack graph. Then network security situation was evalua- ted and results were shown through visualization method,on this basis, some corresponding suggests were given to im- prove security. Finally, the feasibility and validity of this method were proved through some experiments.