期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于粗糙图的网络风险评估模型 被引量:9

Network risk assessment model based on rough graph
在线阅读 下载PDF
导出
摘要 针对在进行网络安全分析时所获得的信息系统是不完备的、粗糙的这一特性,将网络攻击过程类比于粗糙不确定性问题的关系挖掘过程,提出基于粗糙图的网络风险评估模型。该模型由部件节点粗糙关联网络、攻击图的粗糙图生成算法以及网络风险最大流分析算法三部分主要内容组成;并以一个具有代表性的网络系统实例阐明了该模型的使用方法,验证了模型的正确性。模型优势分析表明其较以往的攻击图、风险评价模型更能真实地反映实际情况,所获得的评估结论、安全建议等也更加准确、合理。 Concerning the characteristic that the information system obtained from doing network security analysis is rough and incomplete, this paper compared the process of attack to the rough and uncertain relationship mining process by analogy, and proposed a new network risk assessment model based on rough graph. The model is made up of three parts of main contents including node rough correlation network, attack graph generation algorithm based on rough graph and network risk maximum flow analysis algorithm. In the end, this paper used a representative example of network system to explain the method of model, and verified the correctness. Model advantage analysis shows that the model can reflect the actual situation better than the previous attack graph model and risk assessment model, and the conclusion and safety recommendations are more accurate and reasonable.
作者 黄光球 李艳
机构地区 西安建筑科技大学管理学院
出处 《计算机应用》 CSCD 北大核心 2010年第1期190-195,共6页 journal of Computer Applications
基金 陕西自然科学基金资助项目(2007E217) 陕西省教育厅专项基金资助项目(09JK524)
关键词 网络风险评估 网络攻击模型 攻击图 粗糙图 粗糙网络 network risk assessment network attack model attack graph rough graph rough network
分类号 TP393.08 [自动化与计算机技术—计算机应用技术] TP309.5 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献24

  • 1BENNETF S P, KAILAY M P. An application of qualitative risk analysis to computer security for the commercial sector[ C]// Proceedings of the 8th IEEE Annual Computer Security Applications Conference. San Antonio: IEEE Computer Society Press, 1992:64 -73.
  • 2VISINTINE V. An introduction to information risk assessment[ R]. SANS Institute, 2003.
  • 3SCHNEIER B. Secrets and lies: Digital security in a networked world[ M]. New York: John Wiley and Sons, 2000.
  • 4DACIER M . Towards quantitative evaluation of computer security [ D]. Toulouse, France: Institute National Polyteehnique de Toulouse, 1994.
  • 5ORTALO R , DESWARTE Y , KAANICHE M . Experimenting with quantitative evaluation tools for monitoring operational security [J]. IEEE Transactions on Software Engineering, 1999, 25(5):633 -650.
  • 6PORRAS P A, KEMMERER R. A penetration state transition analysis: A rule-based intrusion detection approach[ C]//Proceedings of the 8th Annual Computer Security Applications Conference. New York: IEEE, 1992:220 - 229.
  • 7STEVENS F, COURTNEY T, SINGH S, et al. Model-based validation of an intrusion-tolerant information system[ C]//Proceedings of the 23rd Symposium on Reliable Distributed Systems. New York: IEEE, 2004:184 - 194.
  • 8MADAN B, POPSTOJANOVA K, VAIDYANATHAN K, et al. A method for modeling and quantifying the security attributes of intrusion tolerant systems[ J]. Performance Evaluation, 2004, 56 ( 1 ) : 167 - 186.
  • 9HELMER G, WONG J, SLAGELL M, et al. Software fault tree and colored Petri net based specification, design and implementation of agent based intrusion detection system[ J]. Requirements Engineering, 2000, 7(4) : 207 - 220.
  • 10McDERMOTT J. Attack net penetration testing[C]// Proceedings of 2000 New Security Paradigms Workshop. New York: ACM, 2000:15 -21.

二级参考文献33

  • 1张永铮,云晓春,胡铭曾.基于特权提升的多维量化属性弱点分类法的研究[J].通信学报,2004,25(7):107-114. 被引量:35
  • 2滕少冬,王志良,王莉,刘冀伟,解仑.基于马尔可夫链的情感计算建模方法[J].计算机工程,2005,31(5):17-19. 被引量:14
  • 3Pawlak Z. An inquiry into anatomy of eonfliets[J]. Journal of Information Sciences, 1998(109) : 65 - 68.
  • 4Zhang W X, Wu W Z, Liang J Y. Rough sets theories and methods. Beijing: Science Press, 2003.
  • 5He T, Shi K Q. Rough graph and its structure[J].Journal of Shandong University, 2006(6) : 88 - 92.
  • 6He T, Chen Y, Shi K Q. Weighted Rough graph and its application[C]//Proceedings of Sixth IEEE International Conference on Intelligent System Design and Applications, 2006 (1) : 486 -491.
  • 7Tao J H, Tan T N, Picard R W. Affective computing and intelligent interaction[M]. Berlin:Springer, 2005.
  • 8Chen Y, He T. Affeetive computing model based on Rough sets [C]//Proceedings of First International Conference on Affectire Computing and Intelligent Interaction, Beijing, Lecture Notes of Computer Science, Berlin- Heidelberg : Springer- Verlag, 2005: 606-613.
  • 9Chen Y, Chen Y H. Affective computing model based on Rough fuzzy Sets[C]//Proceedings of Fifth IEEE International Conference on Cognitive Informatics, IEEE Computer Society. Beijing, 2006(2) : 835 - 839.
  • 10Ye Y Q, He C D, Liang N J. General psychology[M]. Shanghai: East China Normal University Press, 1997.

共引文献128

同被引文献70

引证文献9

二级引证文献27

计算机应用
2010年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部