摘要
为有效解决网络攻击效果评估中对指标数据的过度依赖性,提高网络攻击效果评估的准确性,提出了一种基于攻击树和CVSS的网络攻击效果评估方法 。首先,采用攻击树模型描述系统可能存在的攻击路径,并利用模糊层次分析法对各叶节点的发生概率进行求解;然后,基于CVSS漏洞信息建立网络攻击效果量化评估模型;最后,采用实例进行验证分析说明。该方法能够充分利用己有的攻击行为研究成果,评估结果较为客观,且思路清晰,算法简单,具有较强的通用性和工程应用价值。
In order to solve the over-dependence on index data in network attack effect evaluation and improve the accuracy of network attack effect evaluation,this paper proposed a network attack effect evaluation method based on attack tree and CVSS.Firstly,The attack tree model is used to describe the possible attack paths of the system,and the probability of each leaf node is solved by fuzzy analytic hierarchy process.Then,based on CVSS vulnerability information,a quantitative evaluation model of network attack effect was established.Finally,an example is used for verification analysis.This method can make full use of the existing research results of aggressive behavior,the evaluation results are objective,the thinking is clear,the algorithm is simple,and it has strong universality and engineering application value.
作者
潘刚
米士超
郭荣华
黄丽刚
王金锁
李凯
Pan Gang;Mi Shichao;Guo Ronghua;Huang Ligang;Wang Jinsuo;Li Kai(Key Laboratory of Optoelectronic Countermeasures Measurement and Evaluation Technology,Luoyang 471003,China)
出处
《电子技术应用》
2022年第4期76-80,共5页
Application of Electronic Technique
基金
国家自然科学基金项目(61372039)。
关键词
攻击树
模糊层次分析法
CVSS漏洞
网络攻击
效果评估
attack tree
fuzzy analytic hierarchy process
CVSS vulnerability
network attack
effectiveness evaluation
