期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2014
卷号:8
期号:1
页码:363-372
DOI:10.14257/ijsia.2014.8.1.34
出版社:SERSC
摘要:The abstract is to be aiming at the complex security situation, situation assessment through a comprehensive analysis of the conclusions drawn generalization to ease management staff awareness and response pressure. Analysis of a number of typical characteristics and lack of assessment methods, we propose a conversion to right harm, dangerous and spread overlay analysis assessment model as the core of the vector, Aims correlation within the network point of view, more thorough, more accurately reveal the security situation. Describes the data, services due authorization, depending on the association occurs, discussed attacking position, risk measure, as well as the superposition of effects coordinated attack. From the point of view of the invasion, the attacker through security breaches or theft of fake login authorization, illegal operation of various resources, directly against the data, services, confidentiality, integrity, availability, and then pass along the dependencies harm, causing wider ramifications indirect losses. From the potential risks, dynamic threats, permanent loss of three levels starting assessed value of each component of the momentum, using the overlay method and clustering method to speculate attacks intended, identify coordinated attack and guiding automatic defense. At last, using with experiments to validate and assess. This model adaptable well, and it's able to draw more precise conclusions credible assessment.
