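Authors: Man Dapeng (苘大鹏)[1], Yang Wu (杨武)[1], Yang Yongtian (杨永田)[1], Zhou Yuan (周渊)[2], Zhang Bing (张冰)[2]
Affiliations: [1] Information Security Research Center, Harbin Engineering University, Harbin 150001; [2] National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029
Source: 《高技术通讯》 (Chinese High Technology Letters), 2009, No. 2, pp. 141-146, 6 pages in total
Funding: Supported by the 863 Program (2006AA012451) and the 973 Program (2007CB311100)
Abstract: Traditional quantitative methods for network security assessment ignore the correlation between network vulnerabilities and the security requirements of the target hosts, which makes their results insufficiently accurate. To address this problem, a quantitative network security assessment method based on vulnerability correlation and security requirements is proposed. The method uses an attack graph to calculate the probability that each vulnerability is successfully exploited by a network attacker. On this basis, it calculates the impact of each vulnerability on the availability, confidentiality and integrity of the host. Finally, it assesses the security of the hosts and the network according to the security requirements of the target hosts. Analysis of an example shows that the method overcomes the adverse effect that evaluating each vulnerability in isolation, as traditional methods do, has on the assessment of host network security, and that its results are more accurate than those of traditional methods.
Abstract (journal's English version): The paper points out that traditional quantitative methods for network security assessment usually lead to inaccurate assessment results because they neglect the vulnerability correlation in networks and the security requirements of target hosts, and, based on an analysis of this, proposes a new method which considers the vulnerability correlation and security requirements. The proposed method uses the attack graph to calculate the probability of network attackers' successful exploitation of the vulnerabilities, and based on this, calculates the effects of the vulnerabilities on the availability, confidentiality and integrity of the hosts. Finally, it assesses the security of the hosts and the network according to the security requirements. The analysis of the example indicates that the assessment results acquired by using this method are more accurate than those of the traditional methods.
Classification numbers: TP393.08 [Automation and Computer Technology: Computer Application Technology]; TU528.01 [Automation and Computer Technology: Computer Science and Technology]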