| 基于模型的网络脆弱性定量分析方法 |
| |
| 引用本文: | 王玉龙,杨放春,孙其博.基于模型的网络脆弱性定量分析方法[J].北京邮电大学学报,2008,31(4):58-61. |
| |
| 作者姓名: | 王玉龙 杨放春 孙其博 |
| |
| 作者单位: | 北京邮电大学网络与交换技术国家重点实验室,北京,100876;北京邮电大学网络与交换技术国家重点实验室,北京,100876;北京邮电大学网络与交换技术国家重点实验室,北京,100876 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划),教育部长江学者和创新团队发展计划 |
| |
| 摘 要: | 将网络抽象为分层节点和同层连接的二元组。以各层协议实体的变量值组合表示网络状态,分为安全状态、错误状态和失败状态。阐述了脆弱点导致网络进入失败状态的原理。分析了脆弱点识别、验证和关联的依赖关系。提出定量的脆弱性计算方法,对脆弱性的性质进行了理论分析,提出3种安全风险削减方案。
|
| 关 键 词: | 网络 脆弱性 定量分析 安全风险 |
| 收稿时间: | 2008-1-8 |
Model-Based Quantitative Method of Network Vulnerability Analysis |
| |
| WANG Yu-long,YANG Fang-chun,SUN Qi-bo.Model-Based Quantitative Method of Network Vulnerability Analysis[J].Journal of Beijing University of Posts and Telecommunications,2008,31(4):58-61. |
| |
| Authors: | WANG Yu-long YANG Fang-chun SUN Qi-bo |
| |
| Affiliation: | State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China) |
| |
| Abstract: | Abstracts network into a two-tuple containing hierarchical nodes and horizontal links. Variables of protocol entities from each layer are combined to represent three types of network states: Secure, Error and Fail-ure. The causality between vulnerabilities and network failures are described, and the dependency relationship between the finding, verifying and correlating of vulnerabilities is analyzed. A quantitative method for measuring network vulnerability is proposed and vulnerability from a theoretical perspective is as well analyzed. Finally, three solutions to lower security risks are presented. |
| |
| Keywords: | network vulnerability quantitative analysis security risk |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《北京邮电大学学报》浏览原始摘要信息 |
|
点击此处可从《北京邮电大学学报》下载全文 |
