Authors: HU Hao[1,2]; LIU Yuling; ZHANG Yuchen[1,2]; ZHANG Hongqi[1,2] (The Third Institute, Information Engineering University, Zhengzhou 450001, China; Henan Key Laboratory of Information Security, Zhengzhou 450001, China; Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China)
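Affiliations: [1] The Third Institute, Information Engineering University, Zhengzhou 450001, Henan, China; [2] Henan Key Laboratory of Information Security, Zhengzhou 450001, Henan, China; [3] Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China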
Source: Chinese Journal of Network and Information Security (《网络与信息安全学报》), 2018, No. 9, pp. 1-16 (16 pages)
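Funding: National High Technology Research and Development Program of China ("863" Program) (No.2015AA016006); National Key Research and Development Program of China (No.2016YFF0204002; No.2016YFF0204003); Zhengzhou Science and Technology Leading Talent Fund (No.131PLJRC644); "13th Five-Year" Equipment Pre-Research Field Fund (No.6140002020115); CCF-Venustech "Hongyan" Research Program (No.2017003)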
Abstract: One of the main challenges of network security metrics is how to accurately identify how intruders exploit the dependencies between vulnerabilities to propagate threats in the target network system, and how to quantify the potential impact on that system. Because of its superior visual display capability, the attack graph is one of the effective ways to solve this problem. Firstly, the concept, development and general metric models of security metrics are introduced. Secondly, related research on attack graph construction, classification and application is discussed. Thirdly, a hierarchical framework for security metrics based on attack graphs is proposed, and existing network security metric methods are summarized at three levels (key "point", attack "line" and situation "plane"). Finally, the difficult issues and development trends of current research are discussed.
Keywords: network security metrics; attack graph; security vulnerability; alert analysis; quantitative assessment
Classification number: TP393.8 [Automation and Computer Technology - Computer Application Technology]