信度向量正交投影分解的网络安全风险评估方法

传统安全风险评估方法大都存在着主观性和片面性问题，该文针对网络节点的漏洞和攻击层面的风险分析需求，提出了漏洞信度和攻击信度的概念，设计了一种信度向量正交投影分解的网络安全风险评估方法。该方法首先将攻击所依赖的漏洞信息和节点本身漏洞信息相关联，结合网络中各节点自身的权重，量化从节点至全网的安全风险分析；其次，在漏洞信度计算时，为了排除漏洞扫描工具自身的不确定因素和数据源的单一性，将多个扫描工具的检测结果融合，构成数据源；最后，基于欧式空间向量投影的思想提出了一个信度向量投影分解算法。实验结果验证了该文方法的有效性。

Reliability Vector Orthogonal Projection Decomposition Method of Network Security Risk Assessment

Most traditional security risk assessment methods have the shortcomings of subjectivity and one-sidedness.Considering the risk analysis demand of vulnerabilities and attacks of network nodes,this paper proposes the concept of vulnerability reliability and attack reliability,and designs a reliability vector orthogonal projection decomposition method of network security risk assessment.First,this method associates vulnerability information which attacks relying on with vulnerability information of the node itself,and quantifies the security risk analysis from the node to the whole network,with the own weight of each node in the network.Second,in order to exclude the own uncertainties of vulnerability scanning tools and the unity of the data source,this method fuses several test results of scan tool,and constitutes the data source when calculating the vulnerability reliability.Finally,based on the idea of Euclidean space vector projection,the method puts forward an algorithm of reliability vector projection decomposition.The result of the experiment of the network security risk evaluation procedure is given to verify the proposed evaluate method.