
Network security threat situation evaluation based on spread analysis

Cited by: 3
Abstract: Most situation evaluation methods do not consider authorization and dependency relationships and cannot reflect indirect threats, so their results offer little guidance for dynamic defense. To address these problems, an evaluation method is proposed that takes threat spread analysis as its basis and attack intention guessing as its extension. First, the direct threats imposed by attacks are evaluated, together with the indirect threats caused by the spread of those direct threats along dependency relationships. Then the nonlinear overlapping effects under multiple concurrent attacks are discussed. Finally, the covering method and the clustering method are used to guess attack intentions. Experiments show that the proposed method reveals the security situation more thoroughly and accurately and guides dynamic defense well.
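Source: Journal of Jilin University (Engineering and Technology Edition), indexed in EI, CAS, CSCD and the Peking University Core Journals list, 2012, Issue 1, pp. 145-149 (5 pages)
Funding: National High Technology Research and Development Program of China ("863" Program) (2007AA01Z473); National 242 Information Security Program (2007B17); Harbin Engineering University Research Fund (HEUFT09011)
Keywords: computer application; network security; threat situation evaluation; spread analysis; attack intention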