52ky 发表于 2022-9-11 14:29:01

基于攻击检测的网络安全风险评估方法

为了实时评价网络安全危险,搭建了用于描绘主机安全状况的隐马尔可夫模型,以侵/入检测系统的报警信息作为模型输入,计算主机处于被攻击状况的概率。用于攻击报警,提出了一种新的攻击成功概率计算方法,然后联系攻击要挟度计算主机节/点的危险指数。最终利用主机节/点重要性权重与节/点危险指数量化计算网络危险。实例分析标明,该方法可以动态制作网络安全危险态势曲线,有利于指导安全管理员及时调整安全策略。

(In order to evaluate the network security risks in real time, a Hidden Markov Model is built to describe the security status of the host. The alarm information of the intrusion/intrusion detection system is used as the model input to calculate the probability of the host being attacked. For attack alarm, a new attack success probability calculation method is proposed, and then the risk index of the host node/point is calculated according to the attack threat degree. Finally, the network risk is quantified by using the host node/point importance weight and the node/point risk index. The example analysis shows that this method can dynamically create the network security risk situation curve, which is beneficial to guide the security administrator to adjust the security policy in time.)




页: [1]
查看完整版本: 基于攻击检测的网络安全风险评估方法