检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]中国科学技术大学计算机科学与技术学院,安徽合肥230027 [2]安徽省计算与通信软件重点实验室,安徽合肥230027
出 处:《小型微型计算机系统》2009年第11期2163-2168,共6页Journal of Chinese Computer Systems
基 金:教育部博士点基金项目(20060358011)资助
摘 要:漏洞修复是增强网络安全性的重要方法,选择性地修复网络中漏洞具有现实意义.提出一种收益与代价相结合的漏洞修复模型BCVRM.漏洞修复收益评价算法基于简化的攻击图生成算法,对比漏洞修复前后网络整体及相关各类型主机安全状态的提升,给出漏洞修复的总收益.漏洞修复代价评分系统基于CVSS对漏洞属性信息的描述,给出单个漏洞修复代价的评分规则,然后结合漏洞所属主机类型及漏洞分布情况给出网络漏洞修复代价.实例网络分析表明,该模型能够为网络管理人员提供一个切实可行的网络漏洞修复策略.The vulnerabilities repair is an important method to enhance network security. Selective repair of the network vulnerabilities is of practical significance. This paper presents a benefit and cost combined vulnerabilities repair model(BCVRM). The vulnerability repair evaluation algorithm based on the simplified attack graph generation algorithm, compares the security states of the network and related hosts before and after the repair of the vulnerability, giving the total benefits. The vulnerability repair cost scoring system based on the description of the vulnerability attribution from CVSS, gives the scoring rules of repair cost of the single vulnerability, then gives the cost for repairing the vulnerability in network according to the type of the related hosts and vulnerability distribution. The analysis of sample network shows that BCVRM is able to provide network managers with a practical strategy for the network vulnerabilities repair.
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.66
