| Network Security Assessment provides an important way to achieve active defense and is now becoming the basic work and the important part of information security system construction. Today, with the highly developed information technology, the computer information security risk assessment has become one of the hot fields in the network security research.This paper first analyzed the relationship between security assessment and attack graph, then introducesd CVSS vulnerability scoring system to help analyzing the network security situation. To resolve the problems in current safety assessment (e.g. the presence of strong subjectivity and the need for a large number of manual analysis), this paper presented a security assessment algorithm based on attack graph: AGRank, which quantitatived security assessment of network systems. In the vulnerability assessment, we first computed the initial rank values of all nodes in the attack graph, and then calculated the final rank values, as a result, the relative importance of each node was clear, and the ability of response for network security was escalated. Experimental results also showed that the algorithm was reasonable and effective and played an important role in security assessment analysis. In addition, in the vulnerability assessment, this paper presented one another flexible program in which the adjustment of the software vulnerability assessment was based on its severity. Furthermore, this paper presented a method for security assessment using AGRank. |
PDF Full Text Request