Research Of Network Security Risk Assessment Based On Agent And Ontology

Posted on: 2012-01-05
Degree: Master
Type: Thesis
Country: China
Candidate: D G Li
GTID: 2218330338468882
Subject: Computer application technology

Abstract/Summary:
As information technology continues to advance, network security has become increasingly prominent and has attracted the attention of enterprises; as a result, more and more enterprises are deploying overall security policies and carrying out network security risk assessment. Network security risk assessment helps to establish a network information security mechanism; assessing information can effectively improve its confidentiality, integrity and availability, thereby reducing the company's network security risks.

In this paper, first, to remove the information-processing bottleneck of traditional host vulnerability scanners, a distributed agent-based host vulnerability scanner, a tool for automatic identification of vulnerabilities, is designed and implemented. Second, to build a security vulnerability ontology, a semi-automatic construction method is proposed that uses OWL as the ontology language. The completeness and accuracy of the method's automatic extraction of security vulnerability information are verified by extracting vulnerability information from seven major sources of security vulnerabilities, and the efficiency of building the security vulnerability ontology is improved. Third, because no algorithm currently exists for automatically generating vulnerability state graphs, the knowledge base of the vulnerability state graph is described formally using description logic, and on this basis an algorithm for generating network vulnerability state graphs based on description logic is designed and implemented, providing the basis for analyzing network vulnerabilities automatically; the effectiveness and feasibility of the method are verified through experiments on a small network. Finally, for quantitative evaluation of network security risk, a method of computing network security risk is proposed that combines the AHP model with the network vulnerability state graph. It uses CVSS as the basis for vulnerability ratings, can discover paths that a threat uses indirectly through network connectivity, and can assess security risk more accurately; the feasibility of the method is demonstrated by an experimental example.
Keywords/Search Tags: agent, ontology, risk assessment, description logic, OWL, network vulnerability state graph