Advanced Search
Volume 35 Issue 11
Dec.  2013
Turn off MathJax
Article Contents
Ge Hai-Hui, Xiao Da, Chen Tian-Ping, Yang Yi-Xian. Quantitative Evaluation Approach for Real-time Risk Based on Attack Event Correlating[J]. Journal of Electronics & Information Technology, 2013, 35(11): 2630-2636. doi: 10.3724/SP.J.1146.2012.01539
Citation: Ge Hai-Hui, Xiao Da, Chen Tian-Ping, Yang Yi-Xian. Quantitative Evaluation Approach for Real-time Risk Based on Attack Event Correlating[J]. Journal of Electronics & Information Technology, 2013, 35(11): 2630-2636. doi: 10.3724/SP.J.1146.2012.01539

Quantitative Evaluation Approach for Real-time Risk Based on Attack Event Correlating

doi: 10.3724/SP.J.1146.2012.01539
  • Received Date: 2012-11-26
  • Rev Recd Date: 2013-05-24
  • Publish Date: 2013-11-19
  • The alarms of Intrusion Detective System (IDS) are correlated and analyzed dynamically in a certain interval of time according to the relevant characteristics of real-time alarms. On this basis, a quantitative evaluation approach for real time risk is proposed. Firstly, considering the influence of the strength of security measures and vulnerabilities to attacking results, the attacking success probability algorithm is proposed. Secondly, the attacking threat degree algorithm is proposed, and it can better reflect the difference of threat degree between continuous multi-step attacks and multiple isolated attacks. Finally, the risk situation graph of network nodes is achieved by the weighted sum of each node risk situation value. To verify the validity of the method, a testing platform is built. Experiments show that the method can improve the accuracy of evaluation results, and will help to optimize the safety strategy.

  • loading
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Article Metrics

    Article views (1994) PDF downloads(898) Cited by()
    Proportional views
    Related

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return