A network vulnerability evaluation method based on Bayesian networks

doi:10.7523/j.issn.2095-6134.2008.5.011

Journal of University of Chinese Academy of Sciences ›› 2008, Vol. 25 ›› Issue (5): 639-648.DOI: 10.7523/j.issn.2095-6134.2008.5.011

Previous Articles Next Articles

A network vulnerability evaluation method based on Bayesian networks

CHEN Si-Si¹, LIAN Yi-Feng^1,2, Jia Wei³

1State Key Laboratory of Information Security, Graduate University of Chinese Academy of Sciences, Beijing 100049, China;
2 Institute of Software , Chinese Academy of Sciences, Beijing 100080, China; 3 Department of Electronic Engineering and Information Science, University of Science and Technology of China, Hefei 230027, China

Received:1900-01-01 Revised:1900-01-01 Online:2008-09-15

Abstract

Abstract: Network vulnerability evaluation is a hot topic of network security research. In this paper we analyze and compare the existing network security model and quantitative assessment methods. Considering all the security-related factors of network in vulnerability evaluation, we propose a set of evaluation metrics that includes reliability parameters of network, criticality parameters of network, lowest degree minimal path set and lowest degree minimal cut set .We also propose a new method of quantitative assessment based on Bayesian network. Finally we give an example to simulate the net-attack using SPIN and validate vulnerability evaluation indices and methods. The result shows that the method and the evaluation indices could evaluate and reflect the security state of network successfully.

CHEN Si-Si, LIAN Yi-Feng , Jia Wei. A network vulnerability evaluation method based on Bayesian networks[J]. Journal of University of Chinese Academy of Sciences, 2008, 25(5): 639-648.

A network vulnerability evaluation method based on Bayesian networks

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 0

Recommended Articles

Metrics

Comments