摘要
针对传统攻击树模型在计算攻击事件发生概率时未考虑各安全属性权值的不足,设计了一种基于层次分析法的攻击树模型。在计算攻击事件发生概率时,首先给每个叶节点赋予不同安全属性;然后根据攻击者意图和系统特征比较各安全属性对攻击事件发生概率的影响程度,构造判断矩阵;最后对所得矩阵进行一致性检验,若符合要求,则将其特征向量进行归一化处理,即得各安全属性权值。实际应用表明,利用该方法计算所得出的攻击事件发生概率更贴近系统实际。
In view of the problem that the traditional attack tree model does not consider the weight of each security attribute when calculating the probability of attack events, this paper designed an attack tree model based on analytic hierarchy process. In the calculation of the probability of attack events, firstly, it gave different security attributes to each leaf node. Then ac- cording to the attacker' s intention and system characteristics, it compared the influence degree of the security attributes on the occurrence probability of attack events and built judgment matrix. Finally, it tested the consistency of the resulting matrix, if it meets the requirements, the feature vectors of matrix have been normalized to get the security attribute weights. The practical application shows that using this method to calculate the probability of attack events is much closer to the actual system.
作者
何明亮
陈泽茂
龙小东
He Mingliang Chen Zemao Long Xiaodong(Information Security Department, Naval University of Engineering, Wuhan 430033, China PLA 91860 Forces, Shanghai 201906, China)
出处
《计算机应用研究》
CSCD
北大核心
2016年第12期3755-3758,共4页
Application Research of Computers
基金
国家社会科学基金军事学资助项目(15G003-201)
中国博士后基金资助项目(2014M552656)
湖北省自然科学基金资助项目(2015CF867)
关键词
攻击树
威胁分析
层次分析法
判断矩阵
attack tree
threat analysis
analytic hierarchy process
judgment matrix
