攻击图和HMM结合的网络安全风险评估方法研究
Research on Network Security Risk Assessment Method Combined with Attack Graph and HMM
-
摘要: 为了解决传统网络安全风险评估不能有效评价网络安全风险动态变化的缺点,根据网络安全的特性,提出了攻击图和隐马尔可夫模型(HMM)相结合的网络安全风险评估方法.采用攻击图生成网络攻击路径,从复杂度和防御能力等方面量化攻击威胁等级,利用隐马尔可夫模型计算攻击路径的攻击成功率,结合网络资产的重要程度确定网络安全风险值.通过实例分析表明,该方法能够提高网络安全风险评估的准确性,能够有效地对网络安全状况进行分析,具有较高的实用性.Abstract: In order to solve the shortcomings that traditional network security risk assessment can not evaluate the network security risk effectively and dynamically, according to the characteristics of network security, the network security risk assessment method combined with attack graph and hidden Markov model was proposed. The attack graph generated the network attack path,the attack threat level was quantified from the aspects of complexity and defense ability, the attack success rate of the attack path was calculated using a hidden Markov model, the network security risk value was determined with the importance of network assets. The research example showed that the method can improve the accuracy of network security risk assessment, analyze effectively the network security situation, and has higher practicability