共查询到20条相似文献,搜索用时 31 毫秒
1.
随着计算机网络的发展,网络安全问题日益突出,对网络安全进行风险分析就变得日益重要。本文从古典的风险分析入手,提出了网络安全风险层次分析模型,并用该模型对某个公司的局域网进行了风险分析。 相似文献
2.
3.
4.
5.
基于PRA的网络安全风险评估模型 总被引:6,自引:1,他引:5
概率风险分析被广泛应用于社会各领域,如交通、能源、化工处理、航天、军事等。文章采用概率风险分析的方法,对网络的逻辑构成、网络攻击和攻击结果进行分析,通过故障树描述了网络系统被攻击的原因与途径,并建立了风险评估模型。 相似文献
6.
信息系统安全风险的概念模型和评估模型 总被引:2,自引:1,他引:2
本文阐述了信息系统安全风险的概念模型和评估模型,旨在为风险评估工作提供理论指导,使风险评估的过程和结果具有逻辑性和系统性,从而提高风险评估的质量和效果。 相似文献
7.
软件脆弱性分析 总被引:3,自引:0,他引:3
Software vulnerability is the root reason that cause computer system security problem. It's a new researchtopic to analyze vulnerability based on the essence of software vulnerability. This paper analyzes the main definitions and taxonomies of vulnerability,studies vulnerability database and tools for vulnerability analysis and detection, and gives the details about what caused the most common vnlnerabilities in the LINUX/UNIX operating systems. 相似文献
8.
9.
The increasing complexity of information and telecommunications systems and networks is reaching a level beyond human ability, mainly from the security assessment viewpoint. Methodologies currently proposed for managing and assuring security requirements fall short of industrial and societal expectations. The statistics about vulnerabilities and attacks show that the security, reliability and availability objectives are not reached and that the general threat situation is getting worse. With the deployment of Next Generation Networks – NGNs, the complexity of networks, considering their architecture, speed and amount of connections, will increase exponentially. There are several proposals for the network and security architectures of NGNs, but current vulnerability, threat and risk analysis methods do not appear adequate to evaluate them. Appropriate analysis methods should have some additional new characteristics, mainly regarding their adaptation to the continuous evolution of the NGNs. In addition, the application of security countermeasures will require technological improvements, which will demand further security analyses. This paper evaluates the current vulnerability, threat and risk analysis methods from the point of view of the new security requirements of NGNs. Then, the paper proposes to use autonomic and self-adaptive systems/applications for assuring the security of NGNs. 相似文献
10.
11.
操作系统等系统软件中的安全漏洞本质上是一种没有满足软件安全性的缺陷.对安全漏洞的检测过程进行深入研究能够使安全测试人员合理分配测试资源,更准确地评估软件的安全性.深入分析了影响操作系统软件安全漏洞检测的因素,认为安全漏洞检测速度与软件的市场占有率、已发现漏洞数和未发现漏洞数成正比.在此基础上建立了基于市场占有率的漏洞检测模型.该模型表明:在软件发布之前只会暴露少量安全漏洞;某些安全漏洞最终不会被检测到.这两个结论已被实际的数据证实.最后用提出的模型分析了三种流行操作系统的漏洞检测数据集.与同类模型相比,模型具有更好的拟合能力与预测能力. 相似文献
12.
13.
14.
15.
16.
17.
18.
windows漏洞挖掘已经成为网络安全技术一个重要的组成部分。在结合逆向工程和fuzz技术的windows漏洞挖掘模型中加入了漏洞特征的因素:本文首先介绍了逆向工程、漏洞特征建模和fuzz技术的概念和研究内容,接着介绍了基于漏洞特征的windows漏洞挖掘模型原理。 相似文献