摘要
网络安全风险评估是网络系统安全管理的基础和前提。针对传统量化评估方法中普遍存在忽视节点关联性和差异性的问题,提出一种节点相关的网络安全风险量化方法。该方法通过在基于隐马尔科夫模型的量化评估过程中,引入网络节点关联性,解决了已有网络安全风险量化评估方法中普遍忽视节点关联性的问题;同时考虑主机的相对重要性,充分刻画出不同主机对网络风险贡献的差异性。仿真实验表明,该方法能更加精确地量化网络安全风险值,及时发现网络节点的脆弱性,为网络安全策略调整提供依据。
Network security risk assessment is the basis and prerequisite of network security management. Focused on the problem that traditional quantitative evaluation methods often neglect the correlations and differences of the nodes, this paper uses the network security risk quantitative evaluation method based on the hidden Markov model to introduce the correlations of nodes in order to improve the network security risk quantitative evaluation methods in which the affinity of nodes is generally ignored. In addition, the relative importance of the hosts is taken into account to distinguish the contribution of different hosts on the network risk. Simulation results show that the proposed method can quantify the value of network security risks more accurately, can discover the vulnerabil- ity of the network, and can provide the basis for the adjustment of the network security strategy.
出处
《信息工程大学学报》
2015年第2期145-151,共7页
Journal of Information Engineering University
基金
国家973计划资助项目(2012CB315905
2012CB315901)
