| 基于攻击模拟的网络安全风险分析方法研究 |
| |
| 引用本文: | 吕慧颖,曹元大,时翠霞. 基于攻击模拟的网络安全风险分析方法研究[J]. 北京理工大学学报, 2008, 28(4): 338-342 |
| |
| 作者姓名: | 吕慧颖 曹元大 时翠霞 |
| |
| 作者单位: | 北京理工大学,计算机科学技术学院,北京,100081;首都师范大学,信息工程学院,北京,100037;北京理工大学,软件学院,北京,100081;首都师范大学,信息工程学院,北京,100037 |
| |
| 摘 要: | 提出了一种基于攻击模拟的网络安全风险分析方法.在提取目标系统及其弱点信息和攻击行为特征的基础上,模拟攻击者的入侵状态改变过程,生成攻击状态图,并给出其生成算法.利用攻击状态图识别出了潜在的威胁及其所涉及的主体、客体和行为,经过定量评估得到各种入侵路径的风险程度,为分析风险状况和制定风险控制策略提供了依据.通过典型实验环境,验证了该模型的实用性及有效性.
|
| 关 键 词: | 网络安全 攻击模拟 状态图 风险评估 |
| 文章编号: | 1001-0645(2008)04-0338-05 |
| 收稿时间: | 2007-09-27 |
| 修稿时间: | 2007-09-27 |
Network Security Risk Analysis Based on Simulation Attacks |
| |
| LV Hui-ying,CAO Yuan-da and SHI Cui-xia. Network Security Risk Analysis Based on Simulation Attacks[J]. Journal of Beijing Institute of Technology(Natural Science Edition), 2008, 28(4): 338-342 |
| |
| Authors: | LV Hui-ying CAO Yuan-da SHI Cui-xia |
| |
| Affiliation: | L(U) Hui-ying,CAO Yuan-da,SHI Cui-xia |
| |
| Abstract: | Network security analysis must identify vulnerabilities in network and intruder's intention.A novel network risk analysis model is proposed based on simulation attacks.First,the information about target network and intruder is studied and described.By correlating the system's vulnerabilities and attacker's behaviors,attack state graph(ASG) was introduced,and its generating algorithm presented.In ASG the state transfer during the attack process is simulated.Then the ASG is used to find out all the routes of the attacker's pervasion,and then to evaluate the threatened location and risk degree,which provides a useful evidence and guidance for making risk decision.Finally a virtual network environment is given to illustrate the applicability of this risk analysis model,and validate its effectiveness to network security analysis and quantitative assessment. |
| |
| Keywords: | network security attack simulating state graph risk assessment |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《北京理工大学学报》浏览原始摘要信息 |
|
点击此处可从《北京理工大学学报》下载全文 |
|
