为了能够自动地对当前网络安全态势进行评估,提出一种层次化的网络安全风险评估方法.其原理是:首先,基于DS证据理论对报警数据进行关联融合;然后,基于权重数值分析法和层次分析技术,自下而上、由局部到整体地计算各个层级的安全态势值.基于真实网络环境的实验结果表明,该方法的评估结果准确性比较高,而且基于分层方法的安全态势表示方法更加直观、易于理解.与现有方法相比,该方法强化了报警数据的证据力度,克服了目前层次式评估系统模糊处理能力不强的缺点.%In order to automatically assess the present network security situation, the authors propose a hierarchical network security risk assessment methodology. Its principles are as follows:first,DS theory is laid as the foundation for correlatively fusing alert data;then,based on weight value analytical methodology and hierarchical analysis technique,from bottom to top and from local to global,it calculates the security situation value for every hierarchical layer. Experiments based on real network environment illustrate that the assessment results are more accurate;furthermore,the hierarchical methodology based security situation presentation methodology is more straightforward and understandable. Compared with existing methods,the proposed method not only intensifies the evidence about alert data but also overcomes the weakness of present hierarchical assessment systems at fuzzy treating.
展开▼
