Journal of Jilin University (Engineering and Technology Edition), 2012, Vol. 42, Issue (01): 145-149.


Network security threat situation evaluation based on spread analysis

LI Zhi-dong, YANG Wu, WANG Wei, MAN Da-peng   

  1. Information Security Research Center, Harbin Engineering University, Harbin 150001, China
  • Received: 2010-07-12 Online: 2012-01-01 Published: 2012-01-01

Abstract:

Most situation evaluation methods do not consider authorization and dependency relationships and therefore cannot reflect indirect threats, so their assessment results are a poor guide for dynamic defense. To address these problems, an evaluation method is proposed that takes threat spread analysis as its basis and attack intention guessing as its extension. First, the direct and indirect threats are evaluated; direct threats originate from attacks, and indirect threats are caused by the spread of direct threats along the dependency relationships. Then, the nonlinear overlapping effects under multiple concurrent attacks are discussed. Finally, the covering and clustering method is used to guess attack intentions. Experimental results show that the proposed method reveals the security situation more thoroughly and accurately, and guides dynamic defense better.

Key words: computer application, network security, threat situation evaluation, spread analysis, attack intention

CLC Number: TP393.08


