科技通报
科技通報
과기통보
BULLETIN OF SCIENCE AND TECHNOLOGY
2013年
8期
38-40
,共3页
网络风险评估%马尔科夫链%攻击图%成功概率
網絡風險評估%馬爾科伕鏈%攻擊圖%成功概率
망락풍험평고%마이과부련%공격도%성공개솔
network risk evaluation%markov chain%attack graph%the probability of success
现有的网络风险评估的方式主要是基于攻击图模型,最重要的步骤是在攻击图生成后,对其进行量化分析的过程。本文在分析攻击图生成方式和现有研究成果的基础上,提出了基于马尔科夫链的攻击图量化分析方法,并结合实例阐述了攻击图的生成过程。在网络攻击模型中,加入了可能性和复杂性的分析。因此,可以更为精确地对易受攻击环节和攻击成功概率进行定量评估。
現有的網絡風險評估的方式主要是基于攻擊圖模型,最重要的步驟是在攻擊圖生成後,對其進行量化分析的過程。本文在分析攻擊圖生成方式和現有研究成果的基礎上,提齣瞭基于馬爾科伕鏈的攻擊圖量化分析方法,併結閤實例闡述瞭攻擊圖的生成過程。在網絡攻擊模型中,加入瞭可能性和複雜性的分析。因此,可以更為精確地對易受攻擊環節和攻擊成功概率進行定量評估。
현유적망락풍험평고적방식주요시기우공격도모형,최중요적보취시재공격도생성후,대기진행양화분석적과정。본문재분석공격도생성방식화현유연구성과적기출상,제출료기우마이과부련적공격도양화분석방법,병결합실례천술료공격도적생성과정。재망락공격모형중,가입료가능성화복잡성적분석。인차,가이경위정학지대역수공격배절화공격성공개솔진행정량평고。
The existed network risk assessment approaches were mainly based on attack graphs model, the most important step was the process of quantitative analysis after the generation of attack graph. The paper proposed attack graph analy-sis method based on Markov chain in the foundation of analysis of attack graph generation and existed research results, and elaborated the attack graph generation process with examples. In the network attack model, the possibility and the complexity of the analysis were joined in the method. Therefore, the vulnerable link and success probability of attack could be more accurate in quantitative evaluation.
