计算机工程 ›› 2008, Vol. 34 ›› Issue (6): 137-139.doi: 10.3969/j.issn.1000-3428.2008.06.050

• 安全技术 • 上一篇    下一篇

基于攻击场景的信息系统生存性计算

张乐君,王 巍,国 林,杨 武,杨永田   

  1. (哈尔滨工程大学信息安全研究中心,哈尔滨 150001)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-03-20 发布日期:2008-03-20

Survivability Computation of Information Systems Based on Intrusion Scenario

ZHANG Le-jun, WANG Wei, GUO Lin, YANG Wu, YANG Yong-tian   

  1. (Information Security Research Center, Harbin Engineering University, Harbin 150001)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-03-20 Published:2008-03-20

摘要: 介绍一种基于攻击场景的系统生存性量化评估方法。该方法基于网络系统的生存性,不仅和本身有关,还与系统所处的环境密切相关。通过攻击图确定攻击场景,给出网络系统生存性的量化公式,帮助管理员有效确定影响系统生存性的关键节点,通过试验验证了该方法的有效性。

关键词: 生存性模型, 攻击场景, 量化评估

Abstract: This paper presents a survivability quantitative analysis method for network information system based on intrusion scenario. The method indicates that the survivability is not only relevant to the system but also to its running environment. So the survivability computing formulas are given according to attack scene. A case study proves the correctness and effectiveness of the method, it can find out the weak nodes that can be damaged by attacker and give the network administrator valuable suggestions to enhance system survivability.

Key words: survivability model, intrusion scenario, quantitative evaluation

中图分类号: