计算机应用研究2013,Vol.30Issue(9):2763-2766,4.DOI:10.3969/j.issn.1001-3695.2013.09.051
基于贝叶斯攻击图的网络安全量化评估研究
Research of quantitative network security assessment based on Bayesian-attack graphs
摘要
Abstract
Aiming at solving the problems of attack graphs that the complicated relationships between nodes,the existing of cyclic attack paths and reflecting merely the static risk when evaluating the network security,this paper put forward the concept of Bayesian-attack graphs which simplified attack graphs and avoided the appearing of the cyclic paths by an optimized algorithm,combining attack graphs and Bayesian theory.By importing attack evidence and CVSS,this paper proposed a new method against to the vulnerability which could dynamically evaluate the whole and partial network security based on Bayesianattack graphs.Experimental results in the real network show its veracity and validity,and the method can dynamically reflect the changes of the network security situation comparing to traditional assessment methods.关键词
贝叶斯攻击图/脆弱点/动态评估/攻击证据Key words
Bayesian-attack graphs/ vulnerability/ dynamic assessment/ attack evidence分类
信息技术与安全科学引用本文复制引用
方研,殷肖川,李景志..基于贝叶斯攻击图的网络安全量化评估研究[J].计算机应用研究,2013,30(9):2763-2766,4.基金项目
国家自然科学基金资助项目(61272486) (61272486)
