| 引用本文: | 张维明,毛捍东,陈锋.一种基于图论的网络安全分析方法研究.[J].国防科技大学学报,2008,30(2):97-101.[点击复制] |
| ZHANG Weiming,MAO Handong,CHEN Feng.Study on Network Security Analysis Method Based on Graph[J].Journal of National University of Defense Technology,2008,30(2):97-101[点击复制] |
|
| |
|
|
| 本文已被:浏览 6856次 下载 5687次 |
| 一种基于图论的网络安全分析方法研究 |
| 张维明, 毛捍东, 陈锋 |
|
(国防科技大学 信息系统与管理学院,湖南 长沙 410073)
|
| 摘要: |
| 随着信息技术安全问题的日益突出,对网络系统进行安全分析日益重要。提出了一种基于图论的网络安全分析方法NEG-NSAM,在进行网络参数抽象和脆弱性关联分析的基础上,构造网络渗透图模型,刻画了威胁主体逐步渗透安全目标的动态过程。针对大规模网络环境,提出了渗透图简化算法。最后,运用NEG-NSAM方法进行了实例分析,验证该方法的可行性和有效性。 |
| 关键词: 安全分析 网络渗透 渗透图 网络参数抽象 |
| DOI: |
| 投稿日期:2007-08-31 |
| 基金项目:国家自然科学基金资助项目(70371008) |
|
| Study on Network Security Analysis Method Based on Graph |
| ZHANG Weiming, MAO Handong, CHEN Feng |
|
(College of Information System and Management, National Univ. of Defense Technology, Changsha 410073,China)
|
| Abstract: |
| As information technology security issues become more prominent, the network system security analysis is becoming increasingly important. The paper presents NEG-NSAM, a network security analysis method. Based on network parameters abstract and vulnerability correlation analysis, the network exploitation graph model was constructed, and the dynamic process of a gradual infiltration of the main threats to security objectives was characterized. For large-scale network environment, the simplified algorithm of network exploitation graph model was proposed. Finally, the NEG-NSAM was used to exemplify the network and verify the feasibility and effectiveness of the method. |
| Keywords: security analysis network exploit exploitation graph network parameter abstract |
|
|
