首页 | 本学科首页   官方微博 | 高级检索  
     

基于扩散分析的网络安全威胁态势评估
引用本文:李志东,杨武,王巍,苘大鹏. 基于扩散分析的网络安全威胁态势评估[J]. 吉林大学学报(工学版), 2012, 42(1): 145-149
作者姓名:李志东  杨武  王巍  苘大鹏
作者单位:哈尔滨工程大学信息安全研究中心,哈尔滨,150001
基金项目:"863"国家高技术研究发展计划项目,国家242信息安全计划项目,哈尔滨工程大学研究基金项目
摘    要:针对多数态势评估方法欠缺对授权与依赖关系的考虑、无法反映间接威胁、评估结果对动态防御的指导作用不大的问题,提出了一种以威胁扩散分析为基础、以攻击意图揣测为延伸的评估方法。首先评估了攻击施加的直接威胁,及其沿着依赖关系扩散引发的间接威胁。然后探讨了多攻击并发时的非线性叠加效应。最后使用覆盖法和聚类法揣测攻击意图。实验表明,该方法能更透彻、更精准地揭示安全状况,较好地指导动态防御。

关 键 词:计算机应用  网络安全  威胁态势评估  扩散分析  攻击意图

Network security threat situation evaluation based on spread analysis
Affiliation:LI Zhi-dong,YANG Wu,WANG Wei,MAN Da-peng(Information Security Research Center,Harbin Engineering University,Harbin 150001,China)
Abstract:Most situation evaluation methods lack the consideration for authorization and dependency relationship,unable to reflect indirect threats,so the assessment results guide dynamic defense poorly.Regarding these problems,an evaluation method was proposed,which takes threat spread analysis as its basis,and attack intention guess as its extension.First,the direct and indirect threats were evaluated;the direct threats originate from attacks,and the indirect threats were caused by the spread of direct threats along the dependency relationships.Then,the nonlinear overlapping effects under multiple concurrent attacks were discussed.Finally,the covering and clustering method was used to guess attack intensions.Experiment shows that the proposed method can reveal security situation more thoroughly and accurately,and can guide dynamic defense preferably.
Keywords:computer application  network security  threat situation evaluation  spread analysis  attack intention
本文献已被 CNKI 万方数据 等数据库收录!
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号