摘要
鉴于SOAP协议本身固有的安全脆弱性可致网络及服务面临泛洪攻击的威胁,在深入研究提供网络系统安全及可靠性建设所需的效能评估技术基础上,针对灰色评估法的局限性,将模糊评估法引入SOAP泛洪攻击效能评估,建立SOAP泛洪攻击效能模糊评估模型,其核心为攻击评判矩阵的确立、隶属度矩阵的定制、指标权重的配置以及综合评估的实施。基于建立的攻击效能模糊评估模型,利用采集测量的样本数据进行了实例验证。验证结果表明:该方法更具适用性,不仅可以提供攻击效能的确定性评估结论,而且可以合理地区分攻击的有效程度。
In view of SOAP flooding attack threats to networks and services with the inherent protocol security vulnerability,especially the limitations of grey evaluation technology,the fuzzy evaluation method is studied according to the efficiency evaluations for the demand on network system security and reliability. Therefore,a fuzzy efficiency evaluation model for SOAP flooding attack is proposed,the focus of which is on attack evaluation matrix description,membership degree matrix selection,weight configuration and comprehensive evaluation. Moreover,the evaluation example with the SOAP flooding attack samples is presented on the basis of the proposed attack efficiency evaluation model. The results show that the fuzzy efficiency evaluation method for SOAP flooding attack has better adaptability than grey evaluation,and can draw the certain evaluation conclusions,as well as supply the scientific and sensible discrimination of attack efficiency.
出处
《兵工学报》
EI
CAS
CSCD
北大核心
2015年第11期2203-2208,共6页
Acta Armamentarii
基金
国家自然科学基金项目(60802031)
新世纪优秀人才支持计划项目(NCET-11-1013)
辽宁省教育厅科学技术研究项目(L2012065
L2013085)
辽宁省科技厅科学技术研究项目(20121038)
关键词
计算机科学技术基础学科
模糊评估
SOAP泛洪
攻击效能
basic discriplines of computer science and technology
fuzzy evaluation
SOAP flooding
attack efficiency
