信息网络安全

信息网络安全 ›› 2014, Vol. 14 ›› Issue (9): 39-43.doi: 10.3969/j.issn.1671-1122.2014.09.009

• 入选论文 • 上一篇    下一篇

面向网络协同防御的动态风险评估模型

王星河1, 2, 余洋1, 2, 夏春和1, 2   

  1. 1. 北京航空航天大学计算机学院,北京 100191;
    2. 网络技术北京市重点实验室,北京 100191
  • 收稿日期:2014-08-06 出版日期:2014-09-01
  • 作者简介:王星河(1990-),男,北京,硕士,主要研究方向:网络安全;余洋(1985-),男,湖北,博士,主要研究方向:网络安全;夏春和(1963-),男,江苏,教授,博士,主要研究方向:网络安全。

Network Collaborative Defense Oriented Dynamic Risk Assessment System

WANG Xing-he1, 2, YU Yang1, 2, XIA Chun-he1, 2   

  1. 1. School of Computer Sience and Engineering, Beihang University, Bejing 100191,China;
    2. Beijing Key Laboratory of Network Technology, Bejing 100191,China
  • Received:2014-08-06 Online:2014-09-01

RichHTML

1

PDF (PC)

169

摘要: 为了给协同防御场景下方案的自动生成提供决策依据,文章设计了一个分层风险评估模型。通过属性攻击图表示网络中的脆弱性,搜索攻击图中所有潜在攻击路径,计算每条路径被攻击者利用的概率和目标节点的全局概率。使用AHP层次分析法计算整个网络的层次风险。为解决协同防御中方案生成的两个重要问题——“什么时候响应”和“采取什么措施响应”——提供可靠的决策依据。

关键词: 风险评估, 攻击图, 层次分析法

Abstract: a hierarchical risk assessment model is designed to provide evidence for the auto plan generating process of collaborate defense. The model organizes vulnerability by using attribute based attack graph, finding out all possible attack paths and calculating possibility of each single attack path. Analytic hierarchy process is used to calculate the hierarchical risk of the network. The model provides reliable evidence for the collaborate defense to solve two important problems, that is when to response and what measures to take in the response.

Key words: risk assessment, attack graph, analytic hierarchy process