Computer Science, 2018, Vol. 45, Issue (1): 245-248. doi: 10.11896/j.issn.1002-137X.2018.01.043

• Information Security •

Study on Evaluation Method of Network Security Situation under Multi-stage Large-scale Network Attack

TANG Zan-yu and LIU Hong

  1. College of Information Science and Engineering, Jishou University, Jishou, Hunan 416000; College of Mathematics and Computer Science, Hunan Normal University, Changsha 410081
  • Online: 2018-01-15 Published: 2018-11-13
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (61662025)

Abstract: Traditional network security situation assessment methods have long suffered from large evaluation bias. To analyze the network security situation accurately, a new network security situation assessment method under multi-stage large-scale network attack is proposed. First, based on the characteristics of the multiple network security data sources under multi-stage large-scale network attack, a network security situation assessment model under multi-stage large-scale network attack is established based on information fusion. Next, the stages of the large-scale network attack are identified, and the success probability of the network attack and the implementation probability of the network attack stage are calculated. Finally, three evaluation indexes in CVSS are used to assess the network security situation. The example analysis shows that the proposed method is better suited to practical application, and that the evaluation results are accurate and effective.

Key words: Multi-stage large-scale network attack, Network security situation, Assessment method
