Research on methods of network risk evaluation
网络风险评估方法研究

In order to evaluate the network risk, Hidden Markov random procedure was adopted as analysis means. The output of intrusion detection systems (called alarm events) was used as the processed objects. The Hidden Markov Model (HMM) to describe the state transform of the attacked host system was constructed. The calculation method of the risk coefficient for host systems was given. The risk coefficients for host systems were simply added to obtain the quantitive evaluation of the risk for whole network. The experiments justify that the proposed method is effective.