| 一种定量的网络安全风险评估系统模型 |
| |
| 引用本文: | 史亮,庄毅.一种定量的网络安全风险评估系统模型[J].计算机工程与应用,2007,43(18):146-149. |
| |
| 作者姓名: | 史亮 庄毅 |
| |
| 作者单位: | 南京航空航天大学,信息科学与技术学院,南京,210016 |
| |
| 基金项目: | 航空基础科学基金
,
国家部委工业基础预研项目 |
| |
| 摘 要: | 提出一个定量的网络安全风险评估系统模型和与之对应的定量风险评估体系,并为体系中资产、威胁、脆弱性和风险等各项指标提出了相应的计算方法;论述了模型系统中各个模块的设计和机理,其中采用基于免疫的入侵检测技术使得威胁评估模块具备发现新颖威胁的能力,插件设计保证了脆弱性模块较好的扫描效率和扩展性。最后,用实验验证了该定量评估模型对评价网络安全状态的有效性。
|
| 关 键 词: | 风险评估 入侵检测 漏洞扫描 |
| 文章编号: | 1002-8331(2007)18-0146-04 |
| 修稿时间: | 2006-11 |
Quantitative risk assessment model for network security |
| |
| SHI Liang,ZHUANG Yi.Quantitative risk assessment model for network security[J].Computer Engineering and Applications,2007,43(18):146-149. |
| |
| Authors: | SHI Liang ZHUANG Yi |
| |
| Affiliation: | Institute of Information Science and Technology,Nanjing University of Aeronautics and Astronautics,Nanjing 210016, China |
| |
| Abstract: | A model of network security risk assessment system both with a quantitative evaluation theory are presented in this paper.And each relevant index,such as asset,vulnerability,threat and risk,is built up with a quantitative measurement.Design and mechanism of each module of this system are specified in this article.This model can detect unknown threats by using intrusion detection technology based on immunity in threat evaluation module.And the efficiency and the extendibility of vulnerability evaluation module are ensured by using the plug-in technology.At the end,the experiment shows that the quantitative model of risk assessment is effective approach to the evaluate network security state. |
| |
| Keywords: | risk assessment intrusion detection vulnerability scanning |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
|
