Author Login Editor-in-Chief Peer Review Editor Work Office Work

Computer Engineering ›› 2010, Vol. 36 ›› Issue (21): 159-161. doi: 10.3969/j.issn.1000-3428.2010.21.057

• Networks and Communications • Previous Articles     Next Articles

Quantization Evaluation Algorithm for Attack Graph Based on Node Score

CHEN Qi-yun1, CHEN Xiu-zhen1, CHEN Yi-qun2, FAN Lei1   

  1. (1. School of Information Security Engineering, Shanghai Jiaotong University, Shanghai 200240, China; 2. Unit 61398, Shanghai 200137, China)
  • Online:2010-11-05 Published:2010-11-03

基于节点分值的攻击图量化评估算法

陈其云1,陈秀真1,陈依群2,范 磊1   

  1. (1. 上海交通大学信息安全工程学院,上海 200240;2. 61398部队,上海 200137)
  • 作者简介:陈其云(1981-),男,硕士研究生,主研方向:信息安全;陈秀真,讲师、博士;陈依群,高级工程师、博士;范 磊,副教授、博士
  • 基金资助:
    国家自然科学基金资助项目(60605019, 60772098);国家“863”计划基金资助项目(2007AA01Z473);教育部博士点基金资助项目(20070248002);上海市曙光学者基金资助项目

Abstract: This paper proposes a quantization evaluation algorithm for attack graph based on node score named NSBRank, which is used to quantize the importance of all nodes in the attack graphs. It computes the initial ranks of all nodes, and works out the final ranks on the basis of the initial values, so that the relative importance between nodes is more clear, and the ability of response for network security is enhanced. Experimental results prove that NSBRank is more reasonable and effective.

Key words: attack graph, AssetRank algorithm, NSBRank algorithm, node score

摘要: 提出一种基于节点分值的攻击图量化评估算法NSBRank,用于对攻击图中所有节点的重要性进行量化计算。通过求解节点初始等级值,得到各节点的最终等级值,使各节点间的相对重要性更明确,从而提高网络安全事件的处理能力。实验结果证明,NSBRank计算得出的攻击图节点等级值更加客观准确。

关键词: 攻击图, AssetRank算法, NSBRank算法, 节点分值

CLC Number: