Research On Network Security Risk Assessment Based On Attack Pattern

With the rapid development of computer network technology and extensive application, enormous changes occurred in people's life. However, along with the convenience, the disadvantages of network technology such as network vulnerabilities and attacks are increasingly common and on the rise. Therefore, how to protect the security of computer networks has become a hot pot by researchers. Especially, to implement an effective risk assessment on computer network is the basis and premise to protect the computer network security.Firstly, it has analysed and generalized vulnerabilities which are in the open vulnerability databases, such as Common Vulnerabilities and Exposures. In addition, database technology design is applied to implement the attack pattern database.Secondly, on the basis of attack pattern database this paper has proposed an attack scripts generation approach which is based on attack pattern. Attack modeling technique is applied to describe vulnerabilities in system and generate a general attack script, then the attack script is refined to executable attack script which is executed by testing tool in charge of emulating the attack. A network security risk assessment model based on attack pattern is proposed, and the model assesses the risk of network by generating, capturing, analyzing and weighing risks which are presented in actual attack packets of various attack types. Through contrasting the assessment results which are obtained in the protected network and unprotected network, it can be proved that the model can effectively eliminate the influence of the results of risk assessment on multiple network attacks, and the model can reveal the risks and threats which may be faced by system with only running a single test on a composition of system with similar attributes, without repeated assessment activities on the system with similar attributes.Finally, a simulation test environment is adopted to verify the validity and feasibility of network security risk assessment model based on attack pattern which is proposed.