| 计算机主机及网络脆弱性量化评估研究 |
| |
| 引用本文: | 夏阳,陆余良.计算机主机及网络脆弱性量化评估研究[J].计算机科学,2007,34(10):74-79. |
| |
| 作者姓名: | 夏阳 陆余良 |
| |
| 作者单位: | 解放军电子工程学院网络工程系,合肥,230037 |
| |
| 摘 要: | 在计算机网络安全领域,针对计算机主机及网络的脆弱性量化评估是目前的研究热点。本文提出了一种网络脆弱性量化评估方法,并在该评估方法的基础上开发出了相应的评估系统。系统通过对主机漏洞存在可能性以及漏洞利用可能性进行量化评估,得到目标主机的脆弱性度量值。在此基础上,结合网络拓扑结构,利用优化的最短路径算法,分析网络中存在的危险路径和关键结点,从而可以有针对性地进行网络脆弱性修补,增强网络的总体安全性能。
|
| 关 键 词: | 量化评估 脆弱性 入边等权有向图 中心性 |
The Research of Quantitative Vulnerability Assessment of Computer Host and Network |
| |
| XIA Yang LU,Yu-Liang.The Research of Quantitative Vulnerability Assessment of Computer Host and Network[J].Computer Science,2007,34(10):74-79. |
| |
| Authors: | XIA Yang LU Yu-Liang |
| |
| Affiliation: | Teaching and Research Office of Network Engineering of Electronic Engineering Institute, Hefei 230037 |
| |
| Abstract: | In the field of network security,the research of quantitative vulnerability assessment of computer host and network is becoming highlighting.This paper brings forward a method of network-vulnerability quantitative assess- ment,and a corresponding system,based on this method,is established closely after that.In order to obtain the vul- nerability measurement of target host,the possibility of the existence and the exploitability of vulnerability are evalua- ted quantitatively in the system.On the basis of that,by combining with network topology,the dangerous path and critical node of network are analyzed in terms of the refined shortest-path algorithms.Thereby,the administrator can patch the vulnerability with a definite purpose,and which undoubtedly would enhance the general security performance of the network. |
| |
| Keywords: | Quantitative assessment Vulnerability Ingoing edge equi-weight directed graph Centrality |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
|
