摘要: 现有情景感知框架对网络安全风险评估没有精确的量化方法,为此,结合DS证据理论和协商目标风险分析系统,提出一种基于情景感知框架的网络安全风险评估模型。基于DS理论进行网络安全威胁信息融合和情景识别,采用概率风险分析进行逐层风险量化和网络安全风险判别,并以低轨道卫星通信网为例进行网络安全风险评估仿真实验,结果验证了该评估模型和方法能有效识别威胁情景,并提高风险评估判别的准确性。
关键词:
DS证据理论,
协商目标风险分析系统,
情景感知,
低轨道卫星通信,
网络安全,
风险评估
Abstract: In view of network security situation awareness framework’s lack of a precise mathematical quantitative method to network information security risk assessment, a network risk assessment model based on network security situation awareness framework is proposed by combining DS evidence theory and Consultative Objective Risk Analysis System(CORAS). Network security threats information fusion and situation perception based on DS evidence theory, hierarchical risk quantitative analysis based on probabilistic risk analysis, and risk discrimination. Low earth orbit satellite communication network is taken as an example to make a simulation and assessment. Experimental results show the proposed model and method can effectively identify threat situation, and increase the accuracy of risk assessment discriminant.
Key words:
DS evidence theory,
Consultative Objective Risk Analysis System(CORAS),
situation awareness,
low earth orbit satellite communication,
network security,
risk assessment
中图分类号:
戚湧, 王艳, 李千目. 基于情景感知的网络安全风险评估模型与方法[J]. 计算机工程, 2013, 39(4): 158-164.
CU Yong, WANG Yan, LI Qian-Mu. Network Security Risk Assessment Model and Method Based on Situation Awareness[J]. Computer Engineering, 2013, 39(4): 158-164.