Chinese Journal of Network and Information Security, 2020, Vol. 6, Issue (5): 54-66. doi: 10.11959/j.issn.2096-109x.2020070
Lei HAN, Jiqiang LIU, Jian WANG, Bo SHI, Xudong HE
Revised: 2020-03-21
Online: 2020-10-15
Published: 2020-10-19
Lei HAN, Jiqiang LIU, Jian WANG, Bo SHI, Xudong HE. Quantitative threat situational assessment method for higher secure attribute value device[J]. Chinese Journal of Network and Information Security, 2020, 6(5): 54-66.
Columns conf_e, int_e, avail_e and attrivalue_e are the security attribute information; ip_e, port_e and service are the config.

| id_e | name_e | type_e | conf_e | int_e | avail_e | attrivalue_e | ip_e | port_e | service |
|---|---|---|---|---|---|---|---|---|---|
| de_001 | Snort | network | 3 | 3 | 3 | 2.197 | 192.168.200.206 | any | snort |
| de_002 | LVS | service | 2 | 3 | 4 | 2.393 | 192.168.200.100 | 112 | lvs, keepalived |
| de_003 | Tomcat | service | 3 | 3 | 4 | 2.654 | 192.168.200.101 | 8080 | tomcat |
| de_004 | MongoDB | service | 4 | 3 | 4 | 3.066 | 192.168.200.102 | 27017 | mongod |
| de_005 | FA/DNS/AD/DHCP | service | 2 | 3 | 4 | 2.393 | 192.168.100.103 | 53, 389, 67, 68 | dns, ldap, dhcp |
| de_006 | NFS | service | 5 | 4 | 5 | 4.066 | 192.168.200.104 | 2049 | rpcbind, nfs |
| de_007 | LogServer | service | 4 | 3 | 3 | 2.737 | 192.168.0.105 | 514 | syslog |
| de_008 | SFtpServer | service | 4 | 3 | 3 | 2.737 | 192.168.200.106 | 22 | sftp |
| de_009 | SVN | service | 4 | 4 | 4 | 3.197 | 192.168.200.107 | 3690 | svn |
| de_010 | Switcher | network | 2 | 3 | 5 | 3.115 | 192.168.200.108 | 68 | dhcp |
| de_011 | FW IPSec | Security network | 5 | 5 | 5 | 4.197 | 124.65.190.74, 192.168.0.1, 192.168.200.1, 192.168.100.1 | 80, 443, 21, 500, 4500, 137, 2049, 445, 25, 161, 22, 514, 23, 389 | http, https, ftp, ike, ipsec, netbios, nfs, smb, smtp, snmp, ssh, syslog, telnet, ldap |