Research On Vulnerability Assessment Technology Based On Correlation Relationship

With the increase of network security incidents, people pay more attention to the security of their network. The source of the network security incidents is those vulnerabilities which exist in network. It is the foundation of the network security to research the security vulnerability assessment technology. Because of the complexity of the network and the diversification of attack behavior, static vulnerability assessment cannot reflect the real severity in the actual environment, and the severity of vulnerability change with the change of time and environment, and the potential relationship among vulnerabilities can influent the result of vulnerability assessment, so it is a difficult challenge to accurately assess the severity of vulnerability with vulnerability assessment technology.This paper studies the vulnerability assessment technology based on relationship almost vulnerabilities. The main researching contents include: firstly, the research on vulnerability assessment metrics. Through comprehensive analysis of vulnerability, eliminate the redundant metrics, consider some dynamic elements such as the relationship among vulnerabilities、 attackers technology level and the patch availability, eventually, build up vulnerability assessment metrics. Secondly, research on vulnerability exploitability value. Research that a vulnerability is hard or easy to be exploited by attacker, namely, vulnerability exploitability value, is the foundation of assessing vulnerability severity. According to the metrics of vulnerability exploitability, use the principle component analysis theory to deal with the vulnerability assessment metrics and make it to be independent linearly, and then computing the vulnerability exploitability value in the specific time and environment. Thirdly, research on vulnerability assessment technology. According to the privilege attacker possess before and after exploit one vulnerability in the victim host and attack graph, build up a vulnerability correlation graph, use PageRank algorithm to compute the correlation value of every vulnerability, establish the vulnerability correlation evaluation model, and compute the potential damage、 the possibility and the risk and so on if one vulnerability is exploited by attacker, and eventually, give out one vulnerability correlation assessment report. Fourthly, the application of vulnerability correlation assessment model. Research on the application of vulnerability correlation assessment model in practice, design the overall architecture of vulnerability correlation assessment model and every function module in detail, put this model apply to the vulnerability evaluation system, use MVC design idea to make the system structure be modular, eventually, implement the main function modular of vulnerability correlation assessment model.