夏阳,陆余良,蒋凡

DOI: https://doi.org/10.3969/j.issn.1002-137X.2003.02.028

2003-01-01

Computer Science

Abstract:The rapid development of the Network makes the comprehensive analysis as well as the quantitative evaluation of its security become more and mere important. This paper illustrates the major realization process of a Network Security Quantitative Evaluation System,which,from an intruder's angle ,established a Hierarchy Intrusion Relationship Graph by analyzing the credit degree fusion and relevancy of the secure information of the target network and by combining with powerful database information. At last, by applying some relative mathematics model and arithmetic, the paper analyzes and evaluates the security of this Network Hierarchy Intrusion Relationship Graph comprehensively and quantitatively.

Xiuzhen Chen,Qinghua Zheng,Xiaohong Guan,Chenguang Lin

DOI: https://doi.org/10.3321/j.issn:0253-987X.2004.04.019

2004-01-01

Abstract:Aiming at the deficiency that is unable to provide useful security situation information encountered in the cur2 rent security evaluation systems , a hierarchical and quantitative model , which is used to evaluate security situation of net2 worked systems , and its corresponding computation method are proposed based on the importance of service , host , and the structure of the network system. This model adopts the evaluation policy from bottom to top and from local to global , calculates the risk indexes of service , host and whole network system by weighting the importance of service and host based on the analysis of attack frequency and its severity , and further evaluates their security situation. Experiments on the HoneyNet dataset show that this system can evaluate the security situation in three levels : service , host and local area network system. It provides system administrators with system intuitive security situation curve and releases them from the exhausting task of alert analysis.

Wei-wei CHENG,Yu-liang LU,Yang XIA,Guo-zheng YANG

DOI: https://doi.org/10.3969/j.issn.1000-2162.2007.04.008

2007-01-01

Abstract:Computer network vulnerability assessment is the important part of the computer security domain,it is very important to improve oneself security level of computer network.This paper introduces the computer network vulnerability firstly,expatiate on the problem which should be solved by the vulnerability assessment,embody introduce some main methods of computer network vulnerability assessment and the issues faced,and then it gives the future work of computer network vulnerability assessment.

徐玮晟,张保稳,李生红

DOI: https://doi.org/10.3969/j.issn.1009-8054.2009.10.022

2009-01-01

Abstract:With the high-speed development of IT industry, network security has attracted much attention.An effective method for network security assessment could not only find the existing flaws, but also discover some potential exploits in the network system.Moreover, this method could locate the node in the network with the highest possiblity of being attacked by means of mathematical tools.Thus the networks at enterprise level could survive a new round of network attack, and the services of enterprises could be continuously carried on.In this article, the methods for network security assessment are classified, and the prospects of network security assessment methods are forecasted.

XIA Yang,LU Yu-Liang

DOI: https://doi.org/10.3969/j.issn.1002-137X.2007.10.017

2007-01-01

Computer Science

Abstract:In the field of network security,the research of quantitative vulnerability assessment of computer host and network is becoming highlighting.This paper brings forward a method of network-vulnerability quantitative assess- ment,and a corresponding system,based on this method,is established closely after that.In order to obtain the vul- nerability measurement of target host,the possibility of the existence and the exploitability of vulnerability are evalua- ted quantitatively in the system.On the basis of that,by combining with network topology,the dangerous path and critical node of network are analyzed in terms of the refined shortest-path algorithms.Thereby,the administrator can patch the vulnerability with a definite purpose,and which undoubtedly would enhance the general security performance of the network.

Gao Jian,Yu Huadong,Wang Hongmian,Bai Huifeng,Huo Chao,Zhang Ganghong

DOI: https://doi.org/10.1051/itmconf/20224703015

2022-01-01

ITM Web of Conferences

Abstract:Along with the computer, communication, control, the rapid development of automation technology, based on the analysis of the information security requirements, combined with the trusted computing provide security solution, the communication control information security interaction model and the key technology to realize information security interaction, put forward a real-time evaluation model based on credible global terminal entities. By introducing penalty factor and time factor, the evaluation method is improved from single evaluation to global evaluation. Taking the user information collection system as an example, the information security communication model of behavior trust measurement mechanism is simulated. The simulation results show that this model has the ability of continuous trust measurement in dynamic uncertain network environment, and can accurately determine the trust of terminal entities in real time, and it is more realistic, which lays a good foundation for the research of trust connection, trust management and trust decision based on trust measurement.

Shen Wei

DOI: https://doi.org/10.1007/978-3-319-98776-7_98

2018-11-05

Abstract:With the development of the information technology, computer information system has played an important role in modern society. As long as any break appears in computer information system, it takes a huge effect in whole society. Based on the analysis of network information safety factors, and then put forward common computer network information safety protection strategy, and the development of the network information safety was prospected and formed the network information safety protection system. There is an important, direct and realistic significance in research about computer system security. With the development of computer and communication technology, the computer net will penetrate every field of our social life as an important method of exchanging information. So, recognizing the frangibility and potential threatens of the net and some existent security problems objectively, taking effectively security strategy and ensuring the security of the net information are the things that every country, and group and every person must envisage. From the basic concept and existent problem of the net information security, some digital security technologies, such as information cryptography technology, digital abstract, digital signature, digital envelope and digital credentials have been analyzed in the paper.

Jingjing Hu,Yichao He,Chen Liu,Huaizhi Yan,Changzhen Hu

2019-01-01

Journal of nonlinear and convex analysis

Abstract:There are many factors affecting the security of the network system, which makes it difficult to determine which one impacts the entire network system. This further increases the difficulty of determining an overall assessment of network system security. In order to improve the efficiency of network security assessment and enhance the accuracy of the holistic assessment, this paper adopts the Zachman Framework to establish a semantic description model of network system security. We combine this research with Multi-layer Perceptron (MLP) to achieve a quantitative assessment of network security. The model established in this paper can create a more complete measure of the security of the network system. The measurement of the index data is easy to collect, and the results of the quantitative evaluation of network security can be obtained.

xue yong wan,liang zhang,wei xu,hong hui gong

DOI: https://doi.org/10.4028/www.scientific.net/AMM.599-601.1457

2014-01-01

Abstract:the computer network is widely applied to people's attention,computer network security is very important,we must take effective measures to ensure the security of computer network.This paper analyzes the implications of computer network security system and its security mechanism,and for the current network security should be involved in some of the elements is introduced.

Yong-jie WANG,Ming XIAN,Guo-yu WANG,Shun-ping XIAO

DOI: https://doi.org/10.16208/j.issn1000-7024.2005.11.002

2005-01-01

Abstract:Effectiveness evaluation study of computer network attack is an important and urgent task in the field of computer network at-tack and defensecountermine.Status quo,main problem and newestdirection of weapon system effectivenessevaluation were introduced.A method based on mechanism,rule and index were studied to set up index system of computer network attack effectiveness evaluation.Specialties of computernetwork attack effectiveness evaluation were analyzed.Network entropy evaluation model,index analyses evalu-ation model and fuzzy estimating evaluation model were brought forward.

Yukun Zheng,Kun Lv,Changzhen Hu

DOI: https://doi.org/10.1007/978-3-319-64701-2_25

2017-01-01

Abstract:With the rapid development of network, network security issues become increasingly important. It is a tough challenge to evaluate the network security due to the increasing vulnerabilities. In this paper, we propose a quantitative method for evaluating network security based on attack graph. We quantify the importance of nodes and the maximum reachable probability of nodes, and construct a security evaluation function to calculate the security risk score. Our approach focuses on the attacker's view and considers the most important factors that may affect the network security. The parameters we use are easily to be acquired in any network. Thus, the assessment score gotten through the evaluation function can comprehensively reflect the security level. According to the security risk value, security professionals can take appropriate countermeasures to harden the network. Experimental results prove that this model solves the security evaluation problem efficiently.

jianfeng zhang,fei liu,weihong han,yan jia,peng zou

DOI: https://doi.org/10.1109/CARPI.2012.6356403

2012-01-01

Abstract:Fast Internet growth and increase in number of network attacks make network security essential in recent years. In order to evaluate the network situation comprehensive and objectively, the Network Security Index System is proposed. However, the Network Security Index System is developed to meet the specific requirement, and has the shortcomings in re-development and maintenance. This paper propose a novel approach to establish a configurable Network Security Index System through the configurable evaluative factors, algorithm and et al. experimental results show that the Network Security Index System created by this approach can be configured to meet different requirements, and has preferable practical worth.

Dapeng Zhou,Yong Zhu

DOI: https://doi.org/10.1007/978-3-030-43306-2_7

2020-01-01

Abstract:With the continuous development of the economy and society, and the continuous improvement of Internet technology, the computer field has paid more and more attention to the use of network security technology. In fact, although network security technology has become more mature in the protection work, virus attacks have gradually matured, making network security technology more difficult in virus handling. The research purpose of this paper is to study the computer network security based on the layered evaluation protection system. This paper analyzes the characteristics of the computer network security layered protection system, studies the main technologies applied in the network security layered protection system, and combines network security The actual characteristics of protection, the design scheme of hierarchical protection evaluation system for computer network security was proposed, the hierarchical evaluation was used to establish the protection system, the computer network security was researched, and the protection system in this paper was verified through system testing. The experimental results in this paper show that the protection system based on layered evaluation in this paper has high security performance, the safety is as high as 97%. In addition, the response time in this layered protection system based on layered evaluation is short and the efficiency is higher.

XIA Yang,LU Yu-liang,YANG Guo-zheng

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.19.050

2007-01-01

Abstract:Computer network security vulnerability assessment is a research focus in network security field.This paper puts forward the research target of computer network vulnerability assessment and the major problems appeared in the course of research.It analyses some resent research methods and techniques aimed at computer network vulnerability assessment,such as network vulnerability assessment in terms of network connectivity,intrusion path,graph theory,analysis tools,agent,AHP,as well as vulnerability dependence relation graph.Based on the analysis,it points out the advantage and disadvantage of each method.

Sun Yang,Xiong Wei

DOI: https://doi.org/10.1109/icsess.2017.8342948

2017-01-01

Abstract:The vulnerability of network or information system is the inherent reason for the existence of security risks and security risks. External threats exploit the vulnerability of the network or information system to launch attacks. Therefore, in the field of network security risk assessment technology, security vulnerability analysis takes an important position and is the basis for a network security risk assessment. This paper mainly reviews the research status of network security vulnerability analysis methods, network security quantitative evaluation method and real-time evaluation method of network security.

Ming Jiang,Ming Li,Mengchen Cai,Yuan Fang

DOI: https://doi.org/10.1088/1742-6596/1744/3/032189

2021-02-01

Journal of Physics: Conference Series

Abstract:Abstract The emergence of the Internet has had a huge impact on people’s lives and work. In the 21st century, human society has fully entered the Internet age. Through the Internet, people can realize zero-distance, data transmission and information sharing without time and space restrictions. The network has become an important tool for modern people to obtain information, disseminate and share information, and has been applied to almost all fields, from scientific research to astronomy, national defense, medical care, small to home entertainment, production office, web browsing must use the network. However, network security issues have always restricted the application of the network. The network has the characteristics of openness, complexity and speciality. Some lawless elements will steal other people’s information and finance through cyber attacks. The network security problem cannot be ignored. It is important to do a multi-dimensional dynamic risk assessment of network security. This paper will conduct research and analysis on the key technologies of network security multi-dimensional dynamic risk assessment.

MA Tao,SHAN Hong

DOI: https://doi.org/10.3724/sp.j.1087.2008.00412

2008-01-01

Abstract:The rapid development of the Wireless Network makes the quantitative evaluation of its security become more and more important.From unauthorized access' angle,this paper set up the 802.11b WLAN experiment environment and security evaluation model,and thoroughly analyzed the WLAN security quantitative evaluation.In this paper,WLAN security quantitative evaluation was divided into two parts:network intrusion extent evaluation after unauthorized access and based on its security evaluation of all computers in the network.This paper gave methods and process of quantitative evaluation,and introduced the flow of system implementation.Finally,the example of security quantitative evaluation was analyzed to validate the given method.

Fan Yan,Yang Jian-Wen,Cheng Lin

DOI: https://doi.org/10.1109/icmtma.2015.77

2015-06-01

Abstract:The rapid development of computer network system brings both a great convenience and new security threats for users. Network security problem generally includes network system security and data security. Specifically, it refers to the reliability of network system, confidentiality, integrity and availability of data information in the system. Network security problem exists through all the layers of the computer network, and the network security objective is to maintain the confidentiality, authenticity, integrity, dependability, availability and audit-ability of the network. This paper introduces the network security technologies mainly in detail, including authentication, data encryption technology, firewall technology, intrusion detection system (IDS), antivirus technology and virtual private network (VPN). Network security problem is related to every network user, so we should put a high value upon network security, try to prevent hostile attacks and ensure the network security.

Yanli Liu,Meng Cui

DOI: https://doi.org/10.1007/978-3-030-51431-0_39

2020-07-24

Abstract:Since the new century, with the gradual popularization of computer networks around the world, network security defense methods have become more sophisticated and comprehensive, but they are still unable to defend against increasingly sophisticated and increasingly globalized virus attacks. In the process of network use and promotion, the influence of viruses on the network and hackers’ attacks have become an important factor threatening network security. Especially when people use the Internet to pay funds, remittances and other online financial activities, network security has become a constant topic. Establishing an efficient network security incident response system is of great significance for the network to better play its role. Based on the research of network security monitoring, network attack defense, network data backup and recovery theory and technology, this paper studies the strategy model of network security incident response, and uses relevant theories and methods of software engineering, combined with programming languages, to achieve Related application modules of this model. This article implements a low-cost, high-performance multi-data backup and recovery system that works in conjunction with other security devices and systems in the network. The overall structure and workflow are analyzed and designed to achieve multi-point backup and Fast recovery, efficient synchronization strategy for remote data, etc. The experimental research found that the network security incident response system can effectively reduce the security risk of the internal network, with a security proportion of more than 92%.

Huahui Lv,Zhe Ming,Aidong Xu,Hang Yang

DOI: https://doi.org/10.1109/CISCE.2019.00100

2019-07-05

Abstract:Social development has driven the rapid development of computer technology and networks and computers and networks have become "universal" from "rare". But the security instability that followed has also become a major problem in testing individuals and society. Therefore, in the fast and stable establishment of the computer system, how to improve the computer security defense capability has become a difficult problem that we urgently need to study and explore. This paper first analyzes the basic concepts of information security, refines related issues and puts forward suggestions on how to prevent and measure methods based on actual conditions, hoping to help the governance business.

Computer Science