摘要
传统的网络信息漏洞评估方法因未设置权重,易导致安防人员无法根据网络中心度计算值评估信息漏洞风险值的大小,造成评估效果差的问题。为此,设计了一种单项传输状态下网络信息漏洞量化评估方法。在单项传输状态下,利用分析模型对网络信息漏洞进行多维度分析,在此基础上设置权重,结合定性方法量化信息漏洞的固有属性值。为综合评估信息漏洞,利用功效系数法变换信息漏洞关联风险,得出信息漏洞风险值,实现对单项传输状态下网络信息漏洞的量化评估。分别测试传统方法和本文方法的网络中心度计算值,根据计算结果评判两种方法的评估。实验结果表明,提出的方法可以在复杂的信息漏洞空间网络中对网络中心度值实施计算,且输出的评估结果信噪比较高,评估效果明显优于传统方法。
Because the traditional network information vulnerability assessment method does not set the weight,it is easy for security personnel to be unable to evaluate the information vulnerability risk value based on the calculation value of network centrality,resulting in poor evaluation effect.Therefore,this study designs a quantitative evaluation method of network information vulnerability in a single transmission state.In a single state of transmission,the analysis model is used to analyze the network information vulnerability in a multi-dimensional way.On this basis,weights are set,and the inherent attribute values of information vulnerability are quantified with the qualitative method.In order to comprehensively evaluate information vulnerability,the method of efficiency coefficient is used to transform the risk associated with information vulnerability,and the risk value of information vulnerability is obtained,so as to realize the quantitative evaluation of network information vulnerability under a single state of transmission.The calculated value of network centrality of the traditional method and the method proposed in this paper are tested respectively.The experimental results show that this method can calculate the network centrality value in the complex information vulnerability spatial network,and the output evaluation results are high SNR,and the evaluation effect is obviously better than the traditional method.
作者
栗维勋
马斌
栗会峰
LI Weixun;MA Bin;LI Huifeng(State Grid Hebei Power Company,Shijiazhuang 050000,China;Research Institute,State Grid Hebei Electric Power,Shijiazhuang 050000,China)
出处
《微型电脑应用》
2021年第2期80-83,共4页
Microcomputer Applications
关键词
单向传输状态
信息漏洞
量化方法
评估
生命周期
one-way transmission state
information loopholes
quantitative method
assessment
life cycle
