计算机应用与软件2025,Vol.42Issue(4):366-372,7.DOI:10.3969/j.issn.1000-386x.2025.04.052
基于多维度特征的攻击者和资产风险评估方法
AN INTRUDER AND ASSET RISK ASSESSMENT METHOD BASED ON MULTI-DIMENSIONAL FEATURES
马浩翔 1陆晨晖 1程茜 1程圣铎1
作者信息
- 1. 中国电信股份有限公司研究院安全平台技术研发部 上海 201315
- 折叠
摘要
Abstract
According to the lack of the transition from qualitative risks to quantitative risks in the current cyber security risk assessment system,this paper proposed an intruder and asset risk assessment method based on multi-dimensional features.From the aspect of the intruder,this paper designed three dimensions to evaluate each intruder,and obtained the top-threat intruders.From the aspect of assets,this paper designed the dynamic scoring of threat dimensions and vulnerability dimensions.Combining the identification and value assignment of assets,we obtained the top-risk assets.The results of this paper can be used to display the current top-risk intruders and risked systems to security analysts,to maximize the existing defense countermeasure.The result is of theory significance and practical meanings.关键词
风险评估/攻击者特征/资产特征Key words
Risk assessment/Intruder features/Asset features分类
信息技术与安全科学引用本文复制引用
马浩翔,陆晨晖,程茜,程圣铎..基于多维度特征的攻击者和资产风险评估方法[J].计算机应用与软件,2025,42(4):366-372,7.
