Network Security Assessment Method Based On Object Perti Net

With the rapid development of network technology and increasing network attacks, network security has become the focus of people's attention. Firewall, NIDS and other passive means of defense has been difficult to meet the security needs of the increasingly complex network environment, so proactive defense system is established imminently. The network security evaluation method based on model plays an important role in the construction of active defense system, and the accuracy of the evaluation results directly affects the development of defense strategy. Therefore, this article is modeled as a basis to attack the network security assessment studies expanding the following aspects:Firstly, the object oriented technology is applied to the network attack modeling and the definition of the object oriented Petri net network attack model is proposed. In order to maximize the vulnerability of the network system to explore the existence of the vulnerability of the attackers' attack decision-making related assumptions, and the evaluation function is introduced to quantify the cost of attack behavior. On the basis of these, we use the ordered search strategy to give the generation algorithm of the object oriented Petri net model which can predict the attack behavior. Assist network administrator to make security measures according to the optimal attack pathSecondly, In order to accurately assess the effective network system security risks at all levels, we etablish a comprehensive and effective risk assessment index system and calculation method. At the same time, the definition of Object Petri network attack model is extended on the output arcs into attack damage index and the breadth first search strategy can also reflect the host normal access relationships and illegal attack hit the behavior of vulnerability relation model is constructed to enhance the ability of model description of risk communication. On the basis of the model, this paper which use the improved Dijkstra algorithm gives the analysis method of the security risk of the network system without attack target, and compares the evaluation results and gives the countermeasures to reduce the security risk.Finally, based on the evaluation of the optimal attack path, an iterative and formal method for network security enhancement is proposed. In order to solve the impact of the cost of quantization attacks on the accuracy of the evaluation results of the optimal attack path, fuzzy system theory is introduced to construct object Fuzzy Petri net attack model with object Petri net. By the improved ant colony algorithm to combine the fuzzy attack cost and the real degree to mine the fuzzy optimal attack path in the network attack environment.On the basis of the evaluation results, the establishment and implementation of the network security enhancement strategy and the method of updating the network attack model are given.