摘要
为了弥补当前网络安全态势评估系统的不足,提出了一种基于攻防对抗环境的网络安全态势量化评估算法。该方法在深入分析影响安全态势各项因素的基础上,将传统的风险评估与网络防护状况、资产安全特性等环境因素相结合,提取出多个量化指标,按照攻击类别进行安全态势的量化评估。实验结果表明,该方法能够为安全管理人员提供更为客观、详实的态势信息,使之更为清晰地把握整个网络的安全状况。
In order to improve the current network security evaluation systems, a novel evaluation algorithm, called the quantitative network security evaluation based on attack-defense confrontation, is proposed in this paper. In this algorithm, the traditional risk assessment is combined with network environment factors such as the network running status, asset security characteristics and so on, and several quantitative indexes are extracted based on the analysis of factors which can affect the LAN's security situation. Then, evaluations are made based on a classification of attacks. Experiment results show that the novel algorithm can be used to extract situation information more objective and detailed so the security administrator may form a clearer picture for the LAN's security situation.
出处
《科技导报》
CAS
CSCD
2007年第7期9-12,共4页
Science & Technology Review
关键词
攻防对抗
网络安全
态势评估
attack-defense confrontation
network security
situation evaluation
作者简介
姚淑萍,女,北京市海淀区中关村南大街5号北京理工大学计算机网络攻防对抗技术实验室,讲师,研究方向为信息安全;E—mail:yaosping@163.com
