计算机工程
計算機工程
계산궤공정
COMPUTER ENGINEERING
2009年
23期
155-157,160
,共4页
网络安全%渗透图%网络弱点%关联关系
網絡安全%滲透圖%網絡弱點%關聯關繫
망락안전%삼투도%망락약점%관련관계
network security%exploit graph%network vulnerability%association relati
提出一种基于渗透图的网络弱点评估模型(EG_NVM),从网络弱点采集、弱点关联分析出发,参考网络环境配置与拓扑结构、模拟渗透状态改变的过程,构建渗透图,通过对关键渗透序列的量化分析进行网络弱点评估.利用EG_NVM能够有效解决生成图"状态爆炸"的问题并直观显示各弱点相互潜在的关联关系.通过一个典型仿真环境,验证了该方法的可行性和有效性.
提齣一種基于滲透圖的網絡弱點評估模型(EG_NVM),從網絡弱點採集、弱點關聯分析齣髮,參攷網絡環境配置與拓撲結構、模擬滲透狀態改變的過程,構建滲透圖,通過對關鍵滲透序列的量化分析進行網絡弱點評估.利用EG_NVM能夠有效解決生成圖"狀態爆炸"的問題併直觀顯示各弱點相互潛在的關聯關繫.通過一箇典型倣真環境,驗證瞭該方法的可行性和有效性.
제출일충기우삼투도적망락약점평고모형(EG_NVM),종망락약점채집、약점관련분석출발,삼고망락배경배치여탁복결구、모의삼투상태개변적과정,구건삼투도,통과대관건삼투서렬적양화분석진행망락약점평고.이용EG_NVM능구유효해결생성도"상태폭작"적문제병직관현시각약점상호잠재적관련관계.통과일개전형방진배경,험증료해방법적가행성화유효성.
This paper presents the Network Vulnerability Model based on the Exploit Graph(EG_NVM). The model collects the network vulnerability, analyzes the vulnerability relation, references network configuration and topology, simulates the produce of the exploitation state change, builds exploit graph, analyzes the key exploit queue and constructs assessment of network vulnerability, which provides a useful evidence and guidance for making risk decision. The EG_NVM can effectively resolve the "state explosion" of the others', and visually display the vulnerability of each relationship. Typical simulation verifies its feasibility and effectiveness.