首页    期刊浏览 2024年11月28日 星期四
登录注册

文章基本信息

  • 标题:An Approach of Security Risk Evaluation Based on the Bayesian Attack Graph
  • 本地全文:下载
  • 作者:Wang Hui ; Chen Fuwang ; Wang Yunfeng
  • 期刊名称:The Open Cybernetics & Systemics Journal
  • 电子版ISSN:1874-110X
  • 出版年度:2015
  • 卷号:9
  • 期号:1
  • 页码:953-960
  • DOI:10.2174/1874110X01509010953
  • 出版社:Bentham Science Publishers Ltd
  • 摘要:

    The evaluation of network risk is a vital task. Nevertheless, there‘s no approach for looking both the severity of the vulnerabilities and the general status of network security. It can not handle with uncertainty occurred in the process of evaluation. This paper proposes a practical approach named HTV to solve the upper two problems. First, an algorithm using the Bayes Theorem is designed to check the causal dependencies of attack events and their evidence. Then, a model that we call Bayesian Attack Graph (BAG) is proposed to model the attack events and the vulnerabilities and the attack evidence so that the vulnerabilities in system could be identified correctly and availably. Finally, we adapt the definition that we call the degree threat of vulnerability (DVT) to quantify the severity of vulnerabilities. Results in experiments show that this approach can split the vulnerabilities into various levels, so it can help assess the severity of the vulnerabilities and the general status of network security availably.

国家哲学社会科学文献中心版权所有