基于TOPSIS的多维网络安全度量模型研究

为了能够较为全面地对网络安全进行度量，使用层次分析法将网络安全划分为3个维度，即环境安全、可靠性安全和漏洞安全3个维度，并选取逼近理想解排序法作为对网络安全度量指标进行综合评估的方法来消除层次分析法的主观性，以快速发现网络攻击并度量其风险.从3个维度出发，对网络安全进行划分，提取各个维度的度量指标，对其进行量化.在环境安全维度上，通过对网络中基础设施和基础数据的度量，得到网络的基础评估值；在可靠性安全维度上，将网络抽象为图，结合复杂网络和图论的理论知识，计算可靠性安全指标；在漏洞安全维度上，使用工具对网络中的漏洞进行扫描，对漏洞划分等级，计算漏洞相关度量值.实验结果表明，该模型在网络安全度量上有较好的准确性与实时性，这在网络安全维护的过程中，对网络中存在安全隐患的部分进行及时准确地定位并提高网络的安全性有重要意义. 

A Multi-Dimensional Network Security Metrics Model Based on TOPSIS

In order to measure network security comprehensively, technique for order preference by similarity to an ideal solution (TOPSIS) was chosen as a comprehensive evaluation method of network security metrics to quickly detect network attacks and measure their risks, and the network security was divided into three dimensions by analytic hierarchy process, namely, environmental safety, reliability security and vulnerability security. According to the three dimensions, the network security was divided, and the metrics of each dimension were extracted and quantified. In the dimension of environment security, the evaluation value of the network security was presented based on the measurement of the network infrastructure and basic data. In the dimension of reliability security, the network was abstracted as a graph, and the reliability safety index was calculated based on the complex network theory and graph theory. In the dimension of vulnerability security, the vulnerabilities in the network were scanned with tools, and the vulnerability security index was calculated. The experimental results show that the model can improve accuracy and real-time performance in network security metrics. It is important to locate the network security risks and enhance the safety of network in time and accurately.