基于累积效应的网络脆弱性扩散分析方法

发布时间：2018-03-18 13:17

本文选题：脆弱性扩散　切入点：网络风险评估　出处：《计算机应用》2015年08期 　论文类型：期刊论文

【摘要】：网络脆弱性评估是一种主动防范技术,意在攻击发生之前对安全态势进行分析进而制定防御措施,但传统的定量分析模型不能对实体间动态交互关系有很好的展现,而且大都不能得出风险扩散的全局化结果。将脆弱性扩散过程类比于社会网络中影响力传播过程,提出了基于累积效应的网络脆弱性扩散分析方法,定义的脆弱性扩散分析模型给出了细粒度级的主体关系结构,利用攻击效果累积特性提出的分析算法可以更准确地刻画脆弱性扩散规则,保证更好的影响范围。最后对该模型和算法进行了实例验证,在模型描述简洁性、分析结果准确性、安全建议合理性等方面的横向比较分析,验证了模型在评估结果直观性和制定成本最小安全措施等方面的优势。
[Abstract]:Network vulnerability assessment is an active defense technology, which is intended to analyze the security situation before the attack and formulate defense measures. However, the traditional quantitative analysis model can not show the dynamic interaction between entities. And most of them can not get the global result of risk diffusion. Comparing the process of vulnerability diffusion to the process of influence spread in social network, a method of network vulnerability diffusion analysis based on cumulative effect is proposed. The defined vulnerability diffusion analysis model gives the fine-grained agent relationship structure, and the analysis algorithm based on the cumulative attack effect can describe the vulnerability diffusion rules more accurately. Finally, an example is given to verify the model and algorithm, which is compared and analyzed in the following aspects: simplicity of the model description, accuracy of analysis results, rationality of safety recommendations, and so on. The advantages of the model in evaluating the results and making the least cost safety measures are verified.
【作者单位】：西安建筑科技大学管理学院;
【基金】：陕西省科学技术研究发展计划项目(2013K1117) 陕西省重点学科建设专项资金资助项目(E08001) 陕西省教育厅科技计划项目(12JK0789)
【分类号】：TP393.08

【参考文献】