摘要
针对网络业务安全风险评估问题,提出了一种基于STRIDE威胁建模和隐式马尔科夫模型理论的STRIDE-HMM风险评测方法,该方法以网络业务为切入点,给出了任务描述模型、任务资产模型、任务风险评估模型的构建方法及其联系。任务描述模型给出了任务阶段划分及相应的资产集、漏洞集和威胁集;任务资产模型给出了任务各阶段所依赖的资产集合,在此基础上采用隐式马尔科夫模型方法给出了资产安全状态量化计算方法;任务风险评估模型按照资产分类集合的结果,采用聚合分析方法给出了任务风险值计算方法,进而实现面向网络业务的风险评测。为了验证提出方法的有效性,采用TMT威胁建模工具典型web应用给出的资产、漏洞、威胁示例,利用提出的模型和方法对该示例进行了仿真验证,实验结果表明:该方法可为面向任务的安全计划制定和调度提供决策支持。
In view of network business security risk assessment problems,a STRIDE-HMM network risk assessment and prediction method based on STRIDE threat modeling and HMM theory is proposed.Taking the network service as an entry point,the construction method of the task description model,the task asset model and the task risk assessment model and the relationship are given among them.The task description model gives the task phase partitioning and corresponding asset sets,vulnerability sets,and threat sets;The task asset model gives a set of assets depended on each stage of the task.On the basis of this,HMM is used to give the quantitative calculation method of asset security status.The task risk assessment model realizes the risk assessment for network business by using aggregation analysis method to achieve the task risk value calculation method according to the results of the asset classification set.To verify the effectiveness of the proposed method,a typical web application example of assets,vulnerabilities and threats combined with threat modeling tool TMT is given.The result proves that the proposed method can provide decision support for the security planning and scheduling oriented to the needs of tasks.
作者
孙奥
殷肖川
李小青
SUN Ao;YIN Xiaochuan;LI Xiaoqing(Information and Navigation College,Air Force Engineering University,Xi’an 710077,China)
出处
《空军工程大学学报(自然科学版)》
CSCD
北大核心
2019年第5期105-110,共6页
Journal of Air Force Engineering University(Natural Science Edition)
基金
国家自然科学基金(71503260)
关键词
面向任务
风险评估
威胁建模
风险预测
task-oriented
risk assessment
threat modeling
risk prediction
