期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种网络安全脆弱性评估方法 被引量:8

A assessment method of network security vulnerability
下载PDF
导出
摘要 针对WIVSS默认评分机制无法体现脆弱点复杂性和多样性的缺点,对脆弱性分析理论与脆弱点评分技术进行分析,在通用脆弱点评分系统(common vulnerability scoring system,CVSS)基础上进行改进,设计了一种更具多样性且更能反映实际情况的脆弱点评分方法.该脆弱点评分方法主要由分析后得出的一系列实际系统约束规则出发,使用最优脆弱点评分权值组合搜索算法和基于信息熵的权值组合选择算法,联合确定目标网络的最优脆弱点评分权值组合,最终实现对脆弱点的最优评分.结果表明,文中方法确定的目标网络最优脆弱点评分权值组合保证了脆弱点多样性,弥补了WIVSS的不足. To reflect the complexity and diversity of vulnerability for the WIVSS scoring mechanism,the frequently used vulnerability analysis theory and vulnerability scoring method were analyzed.A new vulnerability scoring method was designed based on common vulnerability scoring system (CVSS ) to reflect the complexity of vulnerabilities well.According to a set of actual system constraint rules from analysis,the optimum combination search algorithm of fragile comment decentralization values and the selection algorithm of information entropy weights portfolio were used to determine the optimal decentralization vulnerable reviews combination of values by the target network,and the best scores of vulnerable points were obtained.The results show that the proposed weight combination of vulnerability can ensure the diversity of vulnerability point and improve the WIVSS.
作者 周诚 李伟伟 莫璇 李千目
机构地区 国家电网全球能源互联网研究院 南京理工大学计算机科学与工程学院
出处 《江苏大学学报(自然科学版)》 EI CAS CSCD 北大核心 2017年第1期68-77,85,共11页 Journal of Jiangsu University:Natural Science Edition
基金 国家电网公司科技项目(SGRIXTKJ[2015]614)
关键词 脆弱性评估 脆弱点评分 网络安全 信息熵 权值组合 vulnerability score vulnerability assessment network security information entropy weight combination
分类号 TP391.41 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献2

二级参考文献16

  • 1Pfleeger S L, et al, Insiders behaving badly: Addressing bad actors and their actions. IEEE Transactions on Information Forensics and Security, 2010, 5(1): 169-179.
  • 2Afghan war diary, 2004-2010 [EB/OLJ. http://wikileaks. org/wiki/ Afghan_ WacDiary_2004-2010. 2010-07.
  • 3Schonlau M, Dumouchel W, Iu W, et al. Computer intrusion: Detecting masquerades. Statistical Science, 2001: 58-74.
  • 4Salem M, Stolfo S. Modeling user search behavior for masquerade detectionllProceeding of the 14th International Symposium Recent Advances in Intrusion Detection. Berlin Heidelberg: Springer, 2011: 181-200.
  • 5Zheng N, Palo ski A, Wang H, An efficient user verification system via mouse movementsllProceedings of the 18th ACM Conference On Computer and communications. Chicago, Illinois, USA, 2011: 139-150.
  • 6Brackney R C, Anderson R H. Understanding the Insider Threat: Proceedings of a March 2004 Workshop. Santa Monica, CA: RAND Corporation, 2004. http://www. rand. org/ pubs/conLproceedings/CF196.
  • 7Maloof M, Stephens G. Elicit: A system for detecting insiders who violate need-to-knowIIProceeding of the 14th International Symposium Recent Advances in Intrusion Detection. Berlin Heidelberg: Springer, 2007: 146-166.
  • 8Poolsappasit N, Dewri R, Ray 1. Dynamic security risk management using Bayesian attack graphs. IEEE Transactions on Dependable and Secure Computing, 2012, 9(1): 61-74.
  • 9Wang L, Noel S, Jajodia S. Minimum-cost network hardening using attack graph. Computer Communications, 2006, 29( 18): 3812-3824.
  • 10Wang L, et al, An attack graph-based probabilistic security metricllData and Applications Security XXII. Berlin Heidelberg: Springer, 2008: 283-296.

共引文献82

同被引文献74

引证文献8

二级引证文献23

江苏大学学报(自然科学版)
2017年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部