Design And Realization Of Network Security Assessment System

Along with the rapid development of the Internet, the network has entered deeply People's Daily life, economic, military, science and education, etc. In the era of Internet information sharing, network security risks exist everywhere. Network security assessment could detect the security vulnerability and the threat in network, and assess the security of network systems. It is an important technology of active defense, and it has important significance to the research of network security technology.At present our country had many kinds of network security assessment system, but these assessment systems mainly aims at the detection of network security vulnerabilities, and they only have analyzed simply on the risk assessment aspect , and they have done nothing on the situation assessment and forecast aspect. Therefore we urgent needed to establish a more comprehensive network security assessment system; this assessment system should contain many kinds of examination methods and many kinds of risk assessment method, and attempted to establish network security situation assessment and the forecast module. Nowadays, our country is constructing information security safeguard system, in which the testing and evaluation for important information infrastructure and network information system is an important part. In 2006, China established the National "863" High-tech Program (goal-oriented): the network information system safety test evaluation system framework and support platform. In this paper, research content is a part of the national "863" project, and it is mainly about the research, design and realization of network risk assessment and network situation assessment and prediction. Network risk assessment has been designed according to the principle of risk analysis in "Information security technology, Risk assessment specification for information security". We adopt two models to calculate the risk value: matrix model and weighting model. The design of the weighting model has considered the character of security incident validation subsystem. For the transition of risk value to risk level, this paper designs 2 kinds of transformation model for different users to choice. They are the maximum model and weighted mapping model. For situation assessment, the paper adopted multi-perspective analysis model for the overall framework. At present, there are no good methods to calculate the situation value. So we designed a Markov game theory-based risk assessment model for network information system and realized it in the subsystem. The Markov game theory-based risk assessment model considered the regulation of threat, therefore the security assessment even more conforms to the security incident objective law, and it is more careful to the network security situation's analysis. For situation forecast, we used 3 mature forecast models, which are historical incremental evaluation model,neural network model and time series model. We has used the fine interface design when realizing the security situation assessment and forecast subsystem, and provided a good display platform for each kind of assessment result. After having realized security situation assessment and prediction subsystem, we had tested it combined with the other sub-systems of the support platform in national information security evaluation center. The next step we will use the support platform to test and evaluate several networks in departments of army.