Title :
A Quantitative Evaluation Model for Network Security
Author :
Man, Dapeng ; Yang, Wu ; Yang, Yongtian ; Wang, Wei ; Zhang, Lejun
Abstract :
The existing network security assessment models have the problems of inadequate capacity of quantitative analysis and lacking for vulnerabilities correlation. To address these problems, a hierarchical network security evaluation model is proposed. The network is divided into vulnerability level, service level, equipment level and network level. The model uses attack graph to correlate the network vulnerabilities, and then calculates the probabilities of successfully exploiting the vulnerabilities. On this basis, the quantitative risks of each level are calculated. Since this model much more accords with the features of network structure, it is an effectively guidance for the network administrators to develop and improve the network security policies.
Keywords :
Computational intelligence; Data security; Detectors; Fusion power generation; Information analysis; Information security; Information systems; Monitoring; Network topology; Probability;
Conference_Titel :
Computational Intelligence and Security, 2007 International Conference on
Conference_Location :
Harbin, China
Print_ISBN :
0-7695-3072-9
Electronic_ISBN :
978-0-7695-3072-7
DOI :
10.1109/CIS.2007.75
