江苏大学学报(自然科学版)2017,Vol.38Issue(1):68-77,85,11.DOI:10.3969/j.issn.1671-7775.2017.01.013
一种网络安全脆弱性评估方法
A assessment method of network security vulnerability
摘要
Abstract
To reflect the complexity and diversity of vulnerability for the WIVSS scoring mechanism,the frequently used vulnerability analysis theory and vulnerability scoring method were analyzed.A new vulnerability scoring method was designed based on common vulnerability scoring system (CVSS ) to reflect the complexity of vulnerabilities well.According to a set of actual system constraint rules from analysis,the optimum combination search algorithm of fragile comment decentralization values and the selection algorithm of information entropy weights portfolio were used to determine the optimal decentralization vulnerable reviews combination of values by the target network,and the best scores of vulnerable points were obtained.The results show that the proposed weight combination of vulnerability can ensure the diversity of vulnerability point and improve the WIVSS.关键词
脆弱性评估/脆弱点评分/网络安全/信息熵/权值组合Key words
vulnerability score/vulnerability assessment/network security/information entropy/weight combination分类
信息技术与安全科学引用本文复制引用
周诚,李伟伟,莫璇,李千目..一种网络安全脆弱性评估方法[J].江苏大学学报(自然科学版),2017,38(1):68-77,85,11.基金项目
国家电网公司科技项目 ()