| 基于攻击路径图的威胁评估方法 |
| |
| 引用本文: | 蔡林,刘学忠.基于攻击路径图的威胁评估方法[J].计算机应用,2009,29(Z1). |
| |
| 作者姓名: | 蔡林 刘学忠 |
| |
| 作者单位: | 1. 浙江省公安厅,网警总队,杭州,311400
2. 北京科技大学,信息工程学院,北京,100083 |
| |
| 基金项目: | 国家自然科学基金资助项目(60572162) |
| |
| 摘 要: | 为解决复杂系统安全威胁评估问题,研究并建立了基于攻击路径图的系统安全威胁模型。该模型首先提出了漏洞利用可能性及利用结果的评估标准,进而在分析漏洞之间利用关系的基础上生成目标系统的攻击路径图,并以图论、概率论等理论作为基本方法对将复杂攻击路径分解为以串、并联形式为基本构成单元的简单路径,从而降低了安全威胁评估问题的规模和难度,实现了对漏洞威胁以及攻击路径威胁的量化评估。
|
| 关 键 词: | 攻击路径图 图论 概率论 威胁评估 |
Threat evaluation method based on attack-path graph |
| |
| CAI Lin,LIU Xue-zhong.Threat evaluation method based on attack-path graph[J].journal of Computer Applications,2009,29(Z1). |
| |
| Authors: | CAI Lin LIU Xue-zhong |
| |
| Affiliation: | 1.Department of Public Security of ZheJiang Province;Hangzhou Zhejiang 31140;China;2.University of Science and Technology Beijing;School of Information Engineering;Beijing 100083;China |
| |
| Abstract: | In order to solve the problem of evaluation of system security threat in the complex information system,a system security threat model based on the attack-path graph was proposed.The model gives an evaluating standard of the possibility and harmful level of the vulnerability exploitation.Then an attack-path graph of the target system can be generated based on the exploitation relationship among vulnerabilities.Based on methods in the graph theory and probability theory,we can decompose the complicated attac... |
| |
| Keywords: | attack-path graph graph theory probability theory evaluation of threat |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
