%0 Journal Article
%T Quantitative Hierarchical Threat Evaluation Model for Network Security
层次化网络安全威胁态势量化评估方法
%A CHEN Xiu-Zhen
%A ZHENG Qing-Hua
%A GUAN Xiao-Hong
%A LIN Chen-Guang
%A
陈秀真
%A 郑庆华
%A 管晓宏
%A 林晨光
%J 软件学报
%D 2006
%I
%X Evaluating security threat status is very important in network security management and analysis. A quantitative hierarchical threat evaluation model is developed in this paper to evaluate security threat status of a computer network system and the computational method is developed based on the structure of the network and the importance of services and hosts. The evaluation policy from bottom to top and from local to global is adopted in this model. The threat indexes of services, hosts and local networks are calculated by weighting the importance of services and hosts based on attack frequency, severity and network bandwidth consumption, and the security threat status is then evaluated. The experiment results show that this model can provide the intuitive security threat status in three hierarchies: services, hosts and local networks so that system administrators are freed from tedious analysis tasks based on the alarm datasets to have overall security status of the entire system. It is also possible for them to find the security behaviors of the system, to adjust the security strategies and to enhance the performance on system security. This model is valuable for guiding the security engineering practice and developing the tool of security risk evaluation.
%K network security
%K threat evaluation model
%K threat index
%K intrusion detection system
%K threat situation
网络安全
%K 威胁评估模型
%K 威胁指数
%K 入侵检测系统
%K 威胁态势
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=7735F413D429542E610B3D6AC0D5EC59&aid=A991C026F3848A01&yid=37904DC365DD7266&vid=BCA2697F357F2001&iid=E158A972A605785F&sid=745C7FAEA69986C7&eid=547650636788ED84&journal_id=1000-9825&journal_name=软件学报&referenced_num=79&reference_num=23