期刊文献+

基于网络中心性的计算机网络脆弱性评估方法 被引量:14

Network-vulnerability evaluation method based on network centrality
原文传递
导出
摘要 提出一种基于网络中心性的计算机网络脆弱性评估方法.首先基于通用脆弱性评分系统,对攻击者利用脆弱性攻击所花费的代价进行量化评估,根据评估结果对脆弱性攻击图进行最小攻击代价路径分析.引入网络中心性理论,采用攻击图节点的介数和节点连通度相结合的方法,对攻击图的节点关键程度进行量化分析,判断对网络安全产生关键影响的脆弱性,为计算机网络的安全优化提供依据. We propose a method based on network centrality to evaluate the vulnerabilities of computer networks.We evaluate the attack costs based on CVSS and analyze the minimum attack cost routes by using the quantitative results.Then,we present a new network centrality method which combines betweenness with degree-theory to analyze the importance of the nodes in attack graph.The method helps us to find the key vulnerabilities which have great effect on network security and to enhance the network security.
出处 《中国科学院研究生院学报》 CAS CSCD 北大核心 2012年第4期529-535,共7页 Journal of the Graduate School of the Chinese Academy of Sciences
基金 国家高技术研究发展计划(863)(2009AA01Z439)资助
关键词 脆弱性 脆弱性攻击图 网络中心性 介数 攻击代价 vulnerability vulnerabilities attack graph network centrality betweenness attack cost
  • 相关文献

参考文献10

  • 1Frigault M, Wang L Y, Singhal A, et al. Measuring network security using dynamic Bayesian network[ C] ffConference on Computer and Communications Security Proceedings of the 4th ACM Workshop on Quality of Protection. New York, USA :ACM, 2008:23-30.
  • 2冯萍慧,连一峰,戴英侠,鲍旭华.基于可靠性理论的分布式系统脆弱性模型[J].软件学报,2006,17(7):1633-1640. 被引量:31
  • 3张海霞,苏璞睿,冯登国.基于攻击能力增长的网络安全分析模型[J].计算机研究与发展,2007,44(12):2012-2019. 被引量:27
  • 4姜伟,方滨兴,田志宏,张宏莉.基于攻防博弈模型的网络安全测评和最优主动防御[J].计算机学报,2009,32(4):817-827. 被引量:153
  • 5Sawilla R, Ou X M. Googling attack graphs[ RI. Defence R & D,Canada,Ottawa, Tech. Rep: TM 2007-205, 2007.
  • 6FIRST. A complete guide to the common vulnerability scoring system version 2.0[ DB/OL]. [2011-02-01 ]. http: //www. first, org/cvss/ cvss-guide, html.
  • 7Barthelemy M. Betweenness centrality in large complex networks[ J]. Eurpean Physical Journal B ,2004,38 (2) :163-168.
  • 8Steven N, Sushil J D, Brian 0 B, et al. Efficient minimum-cost network hardening via exploit dependency graphs[ C ]// Proceedings of ACSAC. 2003:86-95.
  • 9National Institute of Standards and Technology. National vulnerability database [ DB/OL ]. [ 2011-03-153. http: // nvd. nist. gov/.
  • 10Bugtraq Vulnerability Archives. SecufityFocus[ DB/OL]. [2011-03-15]. http://www, securityfocus, com/vulnerabilities.

二级参考文献57

共引文献202

同被引文献54

引证文献14

二级引证文献30

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部