引用本文: | 张维明,毛捍东,陈锋.一种基于图论的网络安全分析方法研究.[J].国防科技大学学报,2008,30(2):97-101.[点击复制] |
ZHANG Weiming,MAO Handong,CHEN Feng.Study on Network Security Analysis Method Based on Graph[J].Journal of National University of Defense Technology,2008,30(2):97-101[点击复制] |
|
|
|
本文已被:浏览 6903次 下载 5712次 |
一种基于图论的网络安全分析方法研究 |
张维明, 毛捍东, 陈锋 |
(国防科技大学 信息系统与管理学院,湖南 长沙 410073)
|
摘要: |
随着信息技术安全问题的日益突出,对网络系统进行安全分析日益重要。提出了一种基于图论的网络安全分析方法NEG-NSAM,在进行网络参数抽象和脆弱性关联分析的基础上,构造网络渗透图模型,刻画了威胁主体逐步渗透安全目标的动态过程。针对大规模网络环境,提出了渗透图简化算法。最后,运用NEG-NSAM方法进行了实例分析,验证该方法的可行性和有效性。 |
关键词: 安全分析 网络渗透 渗透图 网络参数抽象 |
DOI: |
投稿日期:2007-08-31 |
基金项目:国家自然科学基金资助项目(70371008) |
|
Study on Network Security Analysis Method Based on Graph |
ZHANG Weiming, MAO Handong, CHEN Feng |
(College of Information System and Management, National Univ. of Defense Technology, Changsha 410073,China)
|
Abstract: |
As information technology security issues become more prominent, the network system security analysis is becoming increasingly important. The paper presents NEG-NSAM, a network security analysis method. Based on network parameters abstract and vulnerability correlation analysis, the network exploitation graph model was constructed, and the dynamic process of a gradual infiltration of the main threats to security objectives was characterized. For large-scale network environment, the simplified algorithm of network exploitation graph model was proposed. Finally, the NEG-NSAM was used to exemplify the network and verify the feasibility and effectiveness of the method. |
Keywords: security analysis network exploit exploitation graph network parameter abstract |
|
|