Zhang Yongzheng,FANG Binxing,YUN Xiaochun

DOI: https://doi.org/10.3969/j.issn.1000-3428.2005.14.053

2005-01-01

Abstract:With increasing security problems of information technology, developers of information security products seek for the trusted security assessment by the third part. But there are some defects in present assessment methods for host software systems. This paper proposes a quantitative risk assessment approach for host system security, combining with the vulnerability information in software system. An assessment instance is given to analyze the assessment algorithm. Finally, this paper illuminates the advantages of this assessment approach.

XIA Yang,LU Yu-Liang

DOI: https://doi.org/10.3969/j.issn.1002-137X.2007.10.017

2007-01-01

Computer Science

Abstract:In the field of network security,the research of quantitative vulnerability assessment of computer host and network is becoming highlighting.This paper brings forward a method of network-vulnerability quantitative assess- ment,and a corresponding system,based on this method,is established closely after that.In order to obtain the vul- nerability measurement of target host,the possibility of the existence and the exploitability of vulnerability are evalua- ted quantitatively in the system.On the basis of that,by combining with network topology,the dangerous path and critical node of network are analyzed in terms of the refined shortest-path algorithms.Thereby,the administrator can patch the vulnerability with a definite purpose,and which undoubtedly would enhance the general security performance of the network.

Yue Zhang,Wang Zhao

DOI: https://doi.org/10.1109/icngn59831.2023.10396667

2023-01-01

Abstract:The rapid development of information technology has greatly improved the level of enterprise informatization. However, while providing a variety of services to users, there may also be security issues such as data breaches, denial of service attacks, and extortion attempts. To address the aforementioned issues and enhance the security of information systems, multiple security devices have implemented protective measures. However, relying solely on the configuration and construction of security facilities cannot fundamentally resolve network security issues. Therefore, an important challenge currently faced is how to quantitatively assess, evaluate, and guide security personnel to optimize the configuration of the network security system. This is a significant matter that requires careful consideration.Currently, most existing quantitative security evaluation schemes focus on assessing security risks, but the entire security protection system has not been utilized as an evaluation criterion, and its protective effectiveness has not been quantitatively evaluated. Simultaneously, establishing quantitative connections between security impact factors and the security protection system, linking the protection effectiveness of individual security devices to overall security protection effectiveness, and then optimizing and improving the protection effectiveness have become critical bottlenecks in measuring the protection effectiveness of the network security protection system.

夏阳,陆余良,蒋凡

DOI: https://doi.org/10.3969/j.issn.1002-137X.2003.02.028

2003-01-01

Computer Science

Abstract:The rapid development of the Network makes the comprehensive analysis as well as the quantitative evaluation of its security become more and mere important. This paper illustrates the major realization process of a Network Security Quantitative Evaluation System,which,from an intruder's angle ,established a Hierarchy Intrusion Relationship Graph by analyzing the credit degree fusion and relevancy of the secure information of the target network and by combining with powerful database information. At last, by applying some relative mathematics model and arithmetic, the paper analyzes and evaluates the security of this Network Hierarchy Intrusion Relationship Graph comprehensively and quantitatively.

Sun Yang,Xiong Wei

DOI: https://doi.org/10.1109/icsess.2017.8342948

2017-01-01

Abstract:The vulnerability of network or information system is the inherent reason for the existence of security risks and security risks. External threats exploit the vulnerability of the network or information system to launch attacks. Therefore, in the field of network security risk assessment technology, security vulnerability analysis takes an important position and is the basis for a network security risk assessment. This paper mainly reviews the research status of network security vulnerability analysis methods, network security quantitative evaluation method and real-time evaluation method of network security.

Rongrong Xi,Xiaochun Yun,Shuyuan Jin,Yongzheng Zhang

DOI: https://doi.org/10.1109/PDCAT.2011.57

2011-01-01

Abstract:In face of overwhelming alerts produced by firewalls or intrusion detection devices, it is difficult to assess network threats that we face. In this paper, we propose a threat assessment approach to estimate the impact of attacks on network. The approach employs the Common Vulnerability Scoring System to quantitatively assess network threats and further correlates alerts with contextual information to improve the accuracy of assessment. In the case studies, we demonstrate how the approach is applied in real networks. The experimental results show that the approach can make an accurate assessment of network threats.

Yao Ye,Cai Wandong,Fang Nan

DOI: https://doi.org/10.1109/ibcast.2016.7429909

2016-01-01

Abstract:There is an increasing demand for security risk assessment of network & information system where assessment usually is comprised of all kinds of Internal or external threat. Now there is also another problem to be solved, that is, when the information system increased another many risk parts, if the system is still under a security state. In order to answer this question, the paper adopted an incremental factor analysis method to assess information system risk. This method used influence of assets on system risk and risk coefficient to compute the risk increment coefficient, so as to judge information system risk levels. Experiment results indicated that this method is available as well as effective.

Zuo Zheng,Wang Yunpeng,Ma Bin,Zou Bosong,Cao Yaoguang,Yang Shichun

DOI: https://doi.org/10.19562/j.chinasae.qcgc.2023.ep.004

2023-01-01

Abstract:The first step of information security design is threat analysis and risk assessment（TARA）, which determines security requirements and objectives, and provides a basis for the forward development of information security and the repair of security vulnerabilities. However, the current TARA can only evaluate the impact of malicious attack and security vulnerabilities, which can’t support quantitative evaluation of the effectiveness of protection strategies. Therefore, an attack and fix combined threat analysis and risk assessment（AFC-TARA） method is proposed in this paper. By converting the security state of the system-level on-board network architecture into a continuous-time Markov chain model, and associating the vulnerability mining, vulnerability repair and security defense strategy with the transition rate, a system-level on-board network architecture security assessment and analysis that comprehensively considers attack variables and defense variables are finally realized.

Huiying Lv,Yuanda Cao

DOI: https://doi.org/10.1109/ISISE.2008.109

2008-01-01

Abstract:A risk situation evaluation model for network security is proposed based on analyzing security threat status. This method first perceived and identified the characteristics of critical risk factors, such as asset, vulnerability and threat, from multi-security-sensors. Then a quantitative evaluation algorithm was presented to estimate current threats and potential threats. By analyzing their threat degree, the real-time status and dynamic evolvement trend of security risk was revealed. Sequentially, the security administrator can comprehend the situation about both the single entity and the overall network then timely and effectively make security decisions. Finally this method was illustrated and validated in an emulated network environment. © 2008 IEEE.

ZHANG Chi,CAO Jiandong,LI Yiquan,WANG Huifang

DOI: https://doi.org/10.3969/j.issn.1007-290x.2012.05.006

2012-01-01

Abstract:Aiming at lack of quantitative assessment and choosing design scheme of relaying protection system of digital substation,the paper proposes to develop quantitive assessment software for relaying protection scheme of digital substation and elaborates on technical lines for implementing reliability assessment,economy assessment and comprehensive assessment;it presents flow chart of the implementation and discusses content and implementing method of each functional module.It is indicated by the research that the implementation of the software can effectively help to scientific choose design scheme of relaying protection system of digital substation.

Jin Shi,Guangwei Hu,Mingxin Lu,Li Xie

DOI: https://doi.org/10.1109/ISME.2010.156

2010-01-01

Abstract:Traditional network security assessment technologies are usually qualitative analyses from large variation of security factors. It is difficult to guide security managers to configure network security mechanisms. A new network security quantitative analysis method called ACRL is presented in this paper. It assesses attack sequences from credibility, risk and the loss of system and provides the assessment values to security managers. It can assess the network security mechanisms and measures in position and can help security managers adjust the corresponding security mechanisms and choose the response methods against attacks in detail. An experiment of our method shows favorable and promising results.

Gao Jian,Yu Huadong,Wang Hongmian,Bai Huifeng,Huo Chao,Zhang Ganghong

DOI: https://doi.org/10.1051/itmconf/20224703015

2022-01-01

ITM Web of Conferences

Abstract:Along with the computer, communication, control, the rapid development of automation technology, based on the analysis of the information security requirements, combined with the trusted computing provide security solution, the communication control information security interaction model and the key technology to realize information security interaction, put forward a real-time evaluation model based on credible global terminal entities. By introducing penalty factor and time factor, the evaluation method is improved from single evaluation to global evaluation. Taking the user information collection system as an example, the information security communication model of behavior trust measurement mechanism is simulated. The simulation results show that this model has the ability of continuous trust measurement in dynamic uncertain network environment, and can accurately determine the trust of terminal entities in real time, and it is more realistic, which lays a good foundation for the research of trust connection, trust management and trust decision based on trust measurement.

Yi-xian LIU,De-jun MU

DOI: https://doi.org/10.3969/j.issn.1673-629X.2018.04.029

2018-01-01

Abstract:With the development of network technology,security events continually emerge,so how to achieve the overall security protec-tion is an important issue.As an effective protection method to information system,the security assessment can provide the comprehensive support of security technology for information system compared with traditional security protection methods.By analyzing the impacts on the system's asset vulnerability to its confidentiality,integrity and availability,the scores are assigned by CVSS (common vulnerability scoring system),and then the assessment of network information system is achieved with the weight of the attributes.A simple network information system is constructed in the experiment and the scanner is used in the system equipment to find the vulnerability information of assets.The basic score data is obtained from the NVD for the calculation of risk assets value which is transformed for qualitative assess-ment.The experiment verifies the feasibility and the effectiveness of the proposed method.

MA Tao,SHAN Hong

DOI: https://doi.org/10.3724/sp.j.1087.2008.00412

2008-01-01

Abstract:The rapid development of the Wireless Network makes the quantitative evaluation of its security become more and more important.From unauthorized access' angle,this paper set up the 802.11b WLAN experiment environment and security evaluation model,and thoroughly analyzed the WLAN security quantitative evaluation.In this paper,WLAN security quantitative evaluation was divided into two parts:network intrusion extent evaluation after unauthorized access and based on its security evaluation of all computers in the network.This paper gave methods and process of quantitative evaluation,and introduced the flow of system implementation.Finally,the example of security quantitative evaluation was analyzed to validate the given method.

Jingjing Hu,Yichao He,Chen Liu,Huaizhi Yan,Changzhen Hu

2019-01-01

Journal of nonlinear and convex analysis

Abstract:There are many factors affecting the security of the network system, which makes it difficult to determine which one impacts the entire network system. This further increases the difficulty of determining an overall assessment of network system security. In order to improve the efficiency of network security assessment and enhance the accuracy of the holistic assessment, this paper adopts the Zachman Framework to establish a semantic description model of network system security. We combine this research with Multi-layer Perceptron (MLP) to achieve a quantitative assessment of network security. The model established in this paper can create a more complete measure of the security of the network system. The measurement of the index data is easy to collect, and the results of the quantitative evaluation of network security can be obtained.

Rong-Rong Xi,Xiao-Chun Yun,Zhi-Yu Hao,Yong-Zheng Zhang

DOI: https://doi.org/10.1002/sec.1473

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:Traditional network threat situational assessment is based on raw alerts, not combined with contextual information, which influences the accuracy of assessment. In this paper, we propose a method to quantitatively assess network threat situation based on not only alerts but also contextual information. It firstly verifies alerts by matching alerts with contextual information to determine the successful probability of attacks, then analyzes the impact caused by attacks according to the severity and the corresponding asset value of them, and finally quantitatively assesses network threat situation based on the successful probability and the impact of attacks. Case studies show that the method can assess network threat situations more reasonably. Copyright © 2016 John Wiley & Sons, Ltd.

XIA Yang,LU Yu-liang

DOI: https://doi.org/10.3969/j.issn.1000-7024.2005.06.026

2005-01-01

Abstract:The security performance of target host is assessed quantitatively based on the method of manual neural network. Network framework and learning algorithm of BP neural networks are analyzed and then some factors are brought forward influencing host's security performance. In addition, thetraining samples and practical testing of the host's securitycapability in terms ofBP neural networks are offered. Computer security quantitative assessment based on manual neural network provides a feasible method for the research of assessing security performance of target host.

刘芳,戴葵,王志英,吴丹

DOI: https://doi.org/10.3969/j.issn.1000-3428.2004.18.007

2004-01-01

Abstract:In this paper, the necessity and feasibility of quantitative security evaluation are analyzed, in particular with regard to nowadays security requirements. Based on the probability and statistics, the quantitative security model is brought forward. And then a complete quantitative evaluating system is introduced, which is based on the modularization and the quantitative security model. Finally, the rationality and validity of this system are verified through experiments.

Junqi Zhang

2015-01-01

Abstract:The advent of the information age, has changed people's way of life, and the public network information system as the infrastructure of information society, the security problems have been related to the development of each of our country all sectors of society, industry, has become an important component of the people daily life essential. However, information system hardware and software weakness also decided we cannot avoid the need to face the computer network information security problem, and the network information security system is damaged, it will seriously affect the life of people, and even cause serious economic loss, therefore, it is necessary to deeply research on safety management information system to ensure the security of information system operation, the paper point of infinite monitoring, combined with the public network information security problems, puts forward the method and strategy through the radio monitoring issue of computer network and information security hidden danger.

WANG Wei,LI Chun-ping,LI Jian-bin

DOI: https://doi.org/10.16208/j.issn1000-7024.2007.14.060

2007-01-01

Abstract:Safe field in the information,the risk assessment is foundation and premises that builds up the safe system of the information system,but the risk assessment method rises to the usefulness of the assessment prominent function.The risk assessment method contain a lot of kinds,each method have it the place of the shortage.The risk assessment method adopted threat tree model and analytical hierarchy process that method combine together,made use of two kinds of vantages that assessment method,made up the shortage of the one risk assessment method,the aim is search into a kind of more valid,more reasonable and more accurate risk assessment method.