摘要
网络安全威胁评估技术被广泛应用在态势感知、攻击预警等方面。目前,大多威胁评估模型构建仅考虑节点自身的状态,但节点间的交互关系对安全威胁评估有较大影响。因此,提出一种基于复杂网络的多维网络安全威胁评估模型,从目标脆弱性、安全威胁状态和攻击危害损失3个维度衡量节点的初始状态,借助构建连续动力学复杂网络模型,模拟节点间的交互关系,实现对网络综合态势的评估。采用2020年12月—2021年2月某云上获取的数据进行安全威胁评估,实验结果表明,提出的评估模型可准确反映安全威胁态势。
Network security threat assessment technology is widely used in situational awareness, attack early warning, etc. At present, most threat assessment models only consider the state of the node itself, but the interaction between nodes has a greater impact on security threat assessment. Therefore, this paper proposes a multi-dimensional network security threat assessment model based on complex networks, which measures the initial state of nodes from three dimensions: target vulnerability, security threat status, and attack damage loss. The interaction between nodes is simulated with the help of building a continuous dynamic complex network model. The model can reflect the assessment of the comprehensive situation. The data obtained on a cloud from December 2020 to February 2021 is used for security threat assessment. The experimental results indicate that the proposed assessment model can accurately reflect the security threat situation.
作者
刘晓影
王淮
乌吉斯古愣
LIU Xiaoying;WANG Huai;WU Jisiguleng(No.30 Institute of CETC,Chengdu Sichuan 610041,China)
出处
《通信技术》
2021年第8期1969-1974,共6页
Communications Technology
关键词
复杂网络
目标脆弱性
安全威胁状态
攻击危害损失
complex network
target vulnerability
security threat status
attack damage loss