Network security situation evaluation method for multi-step attack
Aiming at analyzing the influence of multi-step attack,as well as reflecting the system’s security situation accurately and comprehensively,a network security situation evaluation method for multi-step attack was proposed.This method firstly clustered security events into several attack scenes,which...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2017-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017021/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Aiming at analyzing the influence of multi-step attack,as well as reflecting the system’s security situation accurately and comprehensively,a network security situation evaluation method for multi-step attack was proposed.This method firstly clustered security events into several attack scenes,which was used to identify the attacker.Then the attack path and the attack phase were identified by causal correlation of every scene.Finally,combined with the attack phase as well as the threat index,the quantitative standard was established to evaluate the network security situation.The proposed method is assessed by two network attack-defense experiments,and the results illustrate accuracy and effectiveness of the method. |
|---|---|
| ISSN: | 1000-436X |