【作者】 方莉莉；

【导师】 傅鹂；

【作者基本信息】 重庆大学 ， 计算机软件与理论， 2008， 硕士

【摘要】 网络世界面临着无处不在的脆弱性以及可能遭受来自各方面的威胁和攻击,安全风险是必然存在的,对安全风险分析是进行网络安全主动防御的一项重要内容,对网络安全技术的研究具有重要的意义,是目前的研究热点之一。网络安全风险分析就是要尽可能的了解目前与未来的网络风险所在,充分分析这些风险的严重程度,做到对症下药,防患于未然,主动保护计算机和网络的安全,将系统遭受攻击和破坏的可能性较低到最小程度。本文首先分析了传统的风险分析方法,总结了传统风险分析与风险分析本质的关系,研究了一般的网络安全风险分析方法,及各自的优、缺点。结合实际的风险评估工作,总结出传统风险评估方法的具有对资产和漏洞关联性优点,对威胁判断主观性大的缺点;而从当前基于攻击方法的研究不能联系资产的业务价值的特点,设计了一个安全风险分析与控制模型。模型中采用基于攻击图的风险分析方法,在提取目标系统及其弱点信息和攻击行为特征的基础上,模拟攻击者的入侵状态改变过程,生成攻击状态图,并给出其生成算法。利用攻击图识别出了潜在的威胁及其所涉及的主体、客体和行为,经过定量评估得到各种入侵路径的风险程度,为分析风险状况和制定风险控制策略提供了依据,根据风险分析结果,使用漏洞修补作为风险控制的方法,并通过量化计算方法来验证漏洞修补的效果。最后,通过典型实验环境,分析验证了该分析方法的实用性及有效性,通过仿真实验验证了分析过程的科学性。更多还原

【Abstract】 The network world is facing the vulnerabilities that exist everywhere in the network, threats and attacks that come from various aspects. Security risk exists inevitably. The security risk assessment which is an important and actively defense technology in network security, has the vital significance to the network security technology research, and is one of present research hotspots.The network security risk analysis will understand as far as possible whether there are risks at present or at the future network, and it fully analyses influence degree of these risks, so that we may achieve acts appropriately to the situation, prevent accidents before they occur, and protect the computer and the network security on own initiative, and make the possibility of system attacked and the destroyed lowers to the most mild degree.Firstly this paper concludes the relationship between the traditional risk assessment and risk analysis. Secondly it analyses some of general risk analysis methods of network security, and each of their advantages and disadvantages analysis included. In light of the actual work, it concludes that the method of traditional risk assessment has the advantage of relevance of assets and loopholes, and has the disadvantage of subjective judgments on the threat; and the current research of method based on attack can not associate the value of assets to risk analysis. So it raises a model of security risk analysis and control, in the model it takes the method of risky analysis based on attacks, and the information about target network and intruder is studied and described. By correlating the system’s vulnerabilities and attacker’s behaviors, attack state graph (A S G) is introduced, and its generating algorithm presented. In ASG the state transfer during the attack process is simulated. Then the ASG is used to find out all the routes of the attacker’s pervasion, and then to evaluate the threatened location and risk degree, which provides a useful evidence and guidance for making risk decision. Following the result of risky analysis, it uses the method of mending loopholes for controlling the risk, and verifies the effectiveness of vulnerability patch through quantitative method.Finally a virtual network environment is given to illustrate the applicability of this risk analysis method, then it validates its effectiveness to network security analysis and quantitative assessment, and also the process of analysis is verified scientifically through the simulating experiments.更多还原