| The vulnerabilities existed in the computer system make the viruses and illegal invasion more and more serious, passive defense technology can clearly not meet the requirements, Based on network attack modle, the network security assessment technology, which plays a active defensive end, can evaluate the sistuation before the attacking and has gradually become the mainstream of network security technology development.Based on the Take-Grant protection system, this paper used the intelligent theory to make the attack model more intelligentized, and improve the accuracy of the network risk assessment. Firstly, According to the characteristics that the vulnerabilities exist in the components of the network nodes when attacking, the NCVTG model proposed by this paper describes the network attack on the network components level more thinningly. The model add the precise description for the privilege,connection relation and attributes among the network components, and add the vulnerabilities rewriting rules at the same time; Furthermore, a graph Privilege transitive closure generation algorithm whose time complexity is polynomial time for the NCVTG model is proposed, the algorithm can make a dynamic security analysis when the network are changing, and give all attack paths based on present vulnerability states. Through an experiment based on modeling real vulnerabilities for a system, the results show that the model can make a comprehensive analysis to network security and predict possible attacks; Secondly, According to the characteristic that the information system obtained when doing network security analysis is rough and incomplete, this paper makes the process of attack be analogous to the rough and uncertainty relationship mining process, after that proposes a new network risk assessment model based on rough graph. The model is made up of three parts of main contents including node rough correlation network, attack graph generation algorithm based on rough graph and network risk maximum flow analysis algorithm. In the final, this paper uses a representative example of network system to explain the method of model, and verify the correctness. Model advantage analysis shows that the model can reflect the actual situation better than the previous attack graph model and risk assessment model, further the findings and safety recommendations are more accurate and reasonable; Finnaly, According to the characteristics that always separate process from the perspective of the attacker or defender when analysis, and ignoring the knowledge gained both offense and defense are rough, this paper put forward a rough network situational awareness model based on the dynamic game theory, it used the rough correlation network to describe the current network state rough access relationship between the components, used the rough attack strategy set and defensive strategy to describe the dynamic game process, rough game attack path selection algorithm optimal given all the attacker's maximum possible attack paths under the current level of knowledge, which can help network administrators to take appropriate defensive measures.In this paper, Take-Grant Protection System, rough maps, game theory and other related intelligence theory were combined to propose three improved network risk assessment model, the results demonstrate that the model can clearly describe the network attack and defense scenarios, and played a certain situation for intelligent reference. |
PDF Full Text Request