Network Security Risk Assessment Method Research Based Cost-effectiveness

The network application is more and more extensive.Once the damage caused by the attack is incalculable,it is of great practical significance to evaluate the network risk.This paper proposes a privilege escalation graph quantification model.Based on this,it studies how to predict the attacker's behavior and construct an optimal security hardening strategy.The main research contents are as follows:Firstly,it analyzes the shortcomings of the traditional network model and establishes the privilege escalation graph model.The model not only shows the attacker's attack process from the perspective of privilege escalation,but also formulates detailed attack rules to solve the problem that the previous model is not easy to expand and the attack process is not clear.The problem is to quantify the privilege escalation graph using the CVSS vulnerability quantification method to implement the privilege escalation graph modeling and quantification framework.Secondly,aiming at the complex network situation and unable to quickly identify the attacker's attack intention,an attacker behavior prediction method based on ant colony algorithm is proposed.This method considers the greedy nature of the attacker,adds cost-effectiveness to quantify the own risk and joint risk of the atomic attack,and guides the ant to advance.On this basis,the path selection is carried out by the roaming method,and the attack path that the attacker is most likely to select is obtained,and the network security manager is provided with an early warning to prevent the network from being attacked.Thirdly,in view of the lack of effective reinforcement methods in current network analysis,a security reinforcement strategy based on genetic algorithm is proposed.First,build a cost function using the reinforcement strategy cost quantification method.Then,the depth-first path search algorithm is proposed to obtain the attack path,calculate the importance of atomic attack,and use the vulnerability scoring method to quantify the atomic attack risk value and construct the risk function.Finally,the cost function and the risk function are combined to evaluate the fitness of each reinforcement strategy,and thesecurity reinforcement strategy that best meets the actual network conditions is obtained to reduce the network risk.Finally,the two algorithms proposed in this paper carry out simulation experiments on attack graphs of different scales,and analyze and verify the correctness of the algorithm.