Research On Network Security Assesment Based On Bayesian Network Privilege Graph

The computer network is facing the vulnerabilities that exist everywhere, threatsand attacks that come from various aspects. There is security risk inevitably. Thesecurity evaluation which is an important active defense technology in network security,has the vital significance to the network security technology research, and is one ofpresent research focus.In this paper, we introduce the development background and present research statusof network risk assessment briefly at first. Then the methods of risk assessment areintroduced in detail. Network security assessment can be concluded as follows:quantitative assessment, assessment based on rules and assessment based on models.This paper works out with a method of network security assessment based on Bayesianprivilege graph which is a combination of quantitative method of Bayesian network,model of graph theory and rules like CVSS. This method of network securityassessment based on Bayesian privilege graph involves quantitative assessment andassessment based on model. It first generates some kind of privilege graph according tosome algorithm and then it gives different kinds of quantitative analysis includingposteriori probability analysis, MPE analysis, global analysis. At last we used themethod of network security assessment based on Bayesian privilege graph to test anexample and which has explained the method’s correctness.