Research And Design On Network Security Risk Assessment System

With the rapid development of network technology, there inevitably exists some potential security problems while sharing resources in network. Network security issues have received particular attention while doing network research. Since the technique of network security assessment can detect potential vulnerabilities and give the security condition of network system, it has become one of the most important techniques to realize network security.Based on CVE (Common Vulnerabilities and Exposures) criteria, investigations on system security vulnerability are made and a kind of database is designed and realized for vulnerability query and management. Discussions on the techniques of network risk assessment are given. Besides, a security risk assessment model based on threat assessment and simulation attack, which adopts a hierarchical evaluation policy called "bottom to top, local to global" is also presented in the paper to analyze network security situations. The work by this paper is mainly about as following:(1) The main problems which network security is facing and their corresponding solutions are given and analyzed in the paper generally. The basic requirements for network security, the existing problems, and the critical techniques for solving various problems are also presented.(2) Investigations on the development and status of criteria of both here and abroad for network security risk assessment are made. The common methods for security risk assessment are also introduced in the paper. Comparing these methods, one method is chosen for this thesis.(3) A risk assessment model based on threat assessment and simulation attack is proposed, and a kind of prototype system is designed and realized. Particular designs for system functions, system structures, basic functional modules, and the logic relations between the modules are made and the functions of main modules are realized.(4) The tests on the functions of the available modules for network security risk system are made in this paper. By analyzing the log data offered by HoneyNet, the design and the scheme for the system are proved to be effective and applicable.For the conventional security risk assessment, the results by large granularity assessment can't provide security administrators with much effective and applicable information. By simulation experiments and analyzing the log offered by HoneyNet, the model established in the paper is proved to be effective and can improve the precision and consistency of assessment. So it can help the administrators make decisions for the current network security situations.