网络系统安全度量综述

doi:10.11959/j.issn.1000-436x.2019148

通信学报 ›› 2019, Vol. 40 ›› Issue (6): 14-31.doi: 10.11959/j.issn.1000-436x.2019148

• 专题：网络攻防与安全度量 • 上一篇下一篇

网络系统安全度量综述

吴晨思¹,谢卫强^1,²,姬逸潇^1,²,杨粟¹,贾紫艺¹,赵松^1,²,张玉清^1,²()

¹ 中国科学院大学国家计算机网络入侵防范中心，北京 101408
² 西安电子科技大学网络与信息安全学院，陕西西安 710071

修回日期:2019-06-04 出版日期:2019-06-25 发布日期:2019-07-04
作者简介:吴晨思（1990- ），男，黑龙江大庆人，中国科学院大学博士生，主要研究方向为网络攻防与安全度量。|谢卫强（1992- ），男，河南周口人，西安电子科技大学硕士生，主要研究方向为网络攻防与安全度量。|姬逸潇（1994- ），男，河北衡水人，西安电子科技大学硕士生，主要研究方向为信息安全。|杨粟（1993- ），男，山东临沂人，中国科学院大学博士生，主要研究方向为信息安全与深度学习。|贾紫艺（1994- ），男，河北石家庄人，中国科学院大学硕士生，主要研究方向为网络攻防。|赵松（1994- ），男，陕西西安人，西安电子科技大学硕士生，主要研究方向为信息安全与网络攻防。|张玉清（1966- ），男，陕西宝鸡人，博士，中国科学院大学教授、博士生导师，主要研究方向为网络与信息系统安全。
基金资助:
国家重点研发计划基金资助项目(2016YFB0800700);国家自然科学基金资助项目(U1836210);国家自然科学基金资助项目(61572460);信息安全国家重点实验室开放课题基金资助项目(2017-ZD-01);国家发改委信息安全专项基金资助项目((2012)1424)

Survey on network system security metrics

WU Chensi¹,XIE Weiqiang^1,²,JI Yixiao^1,²,YANG Su¹,JIA Ziyi¹,ZHAO Song^1,²,ZHANG Yuqing^1,²()

¹ National Computer Network Intrusion Protection Center,University of Chinese Academy of Sciences,Beijing 101408,China
² School of Cyber Engineering,Xidian University,Xi’an 710071,China

Revised:2019-06-04 Online:2019-06-25 Published:2019-07-04
Supported by:
The National Key R ＆ D Program of China(2016YFB0800700);The National Natural Science Foundation of China(U1836210);The National Natural Science Foundation of China(61572460);The Open Project Program of the State Key Laboratory of Information Security(2017-ZD-01);The National Information Security Special Projects of National Development and Reform Commission of China((2012)1424)

摘要/Abstract

摘要：

随着人们对网络系统全面和客观认识的不断提高，网络系统安全度量（NSSM）正在得到更多的研究和应用。目前，网络系统安全量化评价正朝着精确化和客观化发展。NSSM可以为攻防对抗以及应急响应决策提供客观和科学的依据，其中网络系统安全全局度量是安全度量领域的重点。从全局度量的角度，分析总结了全局度量在网络系统安全中的地位和作用，归纳总结了度量的3个发展阶段（感知、认识、深化）及其特点，给出了全局度量的工作过程，梳理了度量模型、度量体系、度量工具等方法，并指出了各自的特点及其在安全度量中的作用和相互关系。同时详尽地分析了网络系统全局度量面临的技术挑战，并以表格方式总结了十大机遇与挑战。最后展望了网络系统安全度量研究的下一步方向与发展趋势。分析表明，NSSM在网络安全中具有良好的应用前景。

关键词: 网络系统, 安全度量, 安全评估, 全局度量

Abstract:

With the improvement for comprehensive and objective understanding of the network system,the research and application of network system security metrics (NSSM) are noticed more.The quantitative evaluation of network system security is developing towards precision and objectification.NSSM can provide the objective and scientific basis for the confrontation of attack-defense and decision of emergency response.The global metrics of network system security is a crucial point in the field of security metrics.From the perspective of global metrics,the status and role of global metrics in security evaluation were pointed out.Three development stages of metrics (perceiving,cognizing and deepening) and their characteristics were analyzed and summarized.The process of global metrics was described.The metrics models,metrics systems and metrics tools were analyzed,and their functions,interrelations,and features in security metrics were pointed out.Then the technical challenges of global metrics of network systems were explained in detail,and ten opportunities and challenges were summarized in tabular form.Finally,the next direction and development trend of network system security metrics research were forecasted.The survey shows that NSSM has a good application prospect in network security.

Key words: network system, security metrics, security evaluation, global metrics

中图分类号:

TP393

吴晨思,谢卫强,姬逸潇,杨粟,贾紫艺,赵松,张玉清. 网络系统安全度量综述[J]. 通信学报, 2019, 40(6): 14-31.

WU Chensi,XIE Weiqiang,JI Yixiao,YANG Su,JIA Ziyi,ZHAO Song,ZHANG Yuqing. Survey on network system security metrics[J]. Journal on Communications, 2019, 40(6): 14-31.

图/表 8

图1

图2

表1

度量案例"

度量指标	度量模型	测度值	测量依据
攻击能力	$E_{A_{i}} = \sum_{j = 1}^{m} E_{a_{i j}}$	攻击行为、效用微分元（客观标量）
防御能力	$E_{D_{i}} = \sum_{k = 1}^{m} E_{d_{i k}}$	防御行为、效用微分元（客观标量）	网络系统组成元素、网络系统拓扑结构（多维加权图）、行为路径曲线、平面向量场

表1

图3

表2

图4

表3

表4

参考文献 113

[35]	ZHANG Q , LIU C X , LU G Q . Active defense technology and its developing trend[J]. Computer Modelling ＆New Technologies, 2014,18(12B): 383-390.
[36]	MAZIKU H , SHETTY S , JIN D ,et al. Diversity modeling to evaluate security of multiple SDN controllers[C]// 2018 International Conference on Computing,Networking and Communications (ICNC). IEEE Computer Society, 2018: 344-348.
[37]	RAMOS A , LAZAR M , FILHO R H ,et al. Model based quantitative network security metrics:asurvey[J]. IEEE Communications Surveys＆ Tutorials, 2017,19(4): 2704-2734.
[38]	KAVOUSI F , AKBARI B . Automatic learning of attack behavior patterns using Bayesian networks[C]// 2012 Sixth International Symposium on Telecommunications (IST). IEEE, 2012: 999-1004.
[39]	YI Z , KAI Z , LAI B . Alert correlation graph:a novel method for quantitative vulnerability assessment[J]. Journal of National University of Defense Technology, 2012,34(3): 109-112.
[40]	葛海慧, 肖达, 陈天平 ,等. 基于动态关联分析的网络安全风险评估方法[J]. 电子与信息学报, 2013,35(11): 2630-2636.
	GE H H , XIAO D , CHEN T P ,et al. Quantitative evaluation approach for real-time riskbased on attack event correlating[J]. Journal of Elec-tronics ＆ Information Technology, 2013,35(11): 2630-2636.
[41]	陈秀真, 郑庆华, 管晓宏 ,等. 层次化网络安全威胁态势量化评估方法[J]. 软件学报, 2006,17(4): 885-897.
	CHEN X Z , ZHENG Q H , GUAN X H ,et al. Quantitative hierarchical threat evaluation model for network security[J]. Journal of Software, 2006,17(4): 885-897.
[42]	FENG X , WANG D , MA G ,et al. Security situation assessment based on the DS theory[C]// International Workshop on Education Technology ＆ Computer Science. IEEE Computer Society, 2010: 352-356.
[43]	QU Z Y , LI Y , LI P . A network security situation evaluation method based on DS evidence theory[C]// Environmental Science and Information Application Technology (ESIAT). 2010: 496-499.
[44]	HU H , LIU Y , ZHANG H . Security metric methods for network multistep attacks using AMC and big data correlation analysis[J]. Security and Communication Networks, 2018,2018: 1-14.
[45]	GLADSTONE P J S , KIRBY A J , TRUELOVE J M ,et al. >Security risk management:U.S.Patent 9438615[P].2016-09-06.
[46]	?RNES A , VALEUR F , VIGNA G . Using hidden Markov models to evaluate the risks of intrusions[J]. Lecture Notes in Computer Science, 2006,4219: 145-164.
[1]	KRAUTSEVICH L , MARTINELLI F , YAUTSIUKHIN A . Formal analysis of security metrics and risk[C]// IFIP WG 112 International Conference on Information Security Theory ＆ Practice:Security ＆Privacy of Mobile Devices in Wireless Communication. Springer-Verlag, 2011: 304-319.
[2]	冯登国, 张阳, 张玉清 . 信息安全风险评估综述[J]. 通信学报, 2004,25(7): 10-18.
[47]	RNES A , VALEUR F , VIGNA G ,et al. Using hidden Markov models to evaluate the risks of intrusions[M]// Recent Advances in Intrusion Detection. Berlin Heidelberg:Springer, 2006: 145-164.
[48]	ALMASIZADEH J , AZGOMI M A . A stochastic model of attack process for the evaluation of security metrics[J]. Computer Networks, 2013,57(10): 2159-2180.
[49]	DA G , XU M , XU S . New approach to modeling and analyzing security of networked systems[C]// The Symposium and Bootcamp on the Science of Security. ACM, 2014: 1-12.
[50]	CIARLET P G . An introduction to differential geometry with applications to elasticity[J]. Journal of Elasticity, 2005,78-79(1-3): 1-215.
[2]	FENG D G , ZHANG Y , ZHANG Y Q . Survey of information security risk assessment[J]. Journal of Communications, 2004,25(7): 10-18.
[3]	赵文 . 基于“风险熵”的信息系统风险评估数量化模型研究[D]. 西安:陕西师范大学, 2012.
[51]	刘刚, 李千目, 张宏 . 信度向量正交投影分解的网络安全风险评估方法[J]. 电子与信息学报, 2012,34(8): 1934-1938.
	LIU G , LI Q M , ZHANG H . Reliability vector orthogonal projection decomposition method of network security risk assessment[J]. Journal of Electronics ＆ Information Technology, 2012,34(8): 1934-1938.
[52]	J?RG D , GABRIEL J . What is a Petri net?[C]// Unifying Petri Nets,Advances in Petri Nets. Springer-Verlag, 2001: 1-25.
[53]	HENRY M H , LAYER R M , ZARET D R . Coupled Petri nets for computer network risk analysis[J]. International Journal of Critical Infrastructure Protection, 2010,3(2): 67-75.
[54]	YAN Q . A security evaluation approach for information systems in telecommunication enterprises[J]. Enterprise Information Systems, 2008,2(3): 309-324.
[55]	SWILER L D , PHILLIPS C , GAYLOR T . A graph based network vulnerability analysis system[R]. Albuquerque,USA:Sandia National Laboratories, 1998.
[3]	ZHAO W . Research on quantitative model of risk assessment of in-formation system based on risk entropy[D]. Xi’an:Shanxi Normal University, 2012.
[4]	MARTIN R A , . Making security measurable and manageable[C]// Military Communications Conference. IEEE, 2009: 1-9.
[56]	KUNDU A , GHOSH N , CHOKSHI I . Analysis of attack graph-based metrics for quantification of network security[C]// India Conference. IEEE, 2012: 530-535.
[57]	SHEYNER O , HAINE S , JHA S ,et al. Automated generation and analysis of attack graphs[C]// Symposium on Security and Privacy. IEEE, 2002: 273-284.
[5]	BREIER J , HUDEC L . Towards a security evaluation model based on security metrics[C]// International Conference on Computer Systems＆ Technologies. ACM, 2012: 87-94.
[6]	CHEW E , SWANSON M M , STINE K M . Performance measurement guide for information security[R]. 2008.
[58]	BHATTACHARYA P , GHOSH S K . Analytical framework for measuring network security using exploit dependency graph[J]. IET Information Security, 2012,6(4): 264-270.
[59]	IDIKA N , BHARGAVA B . Extending attack graph-based security metrics and aggregating their application[J]. IEEE Transactions on Dependable and Secure Computing, 2012,9(1): 0-85.
[7]	STANDARD I . IEEE standard glossary of software engineering terminology[S]. IEEE Std 610.12-1990, 2002: 1-84.
[8]	HAYDEN L . IT security metrics:a practical framework for measuring security ＆ protecting data[M]. McGraw-Hill Education Group, 2010.
[60]	张鸣天 . 基于贝叶斯网络的信息安全风险评估研究[D]. 北京:北京化工大学, 2016.
	ZHANG M T . Research on information security risk assessment based on Bayesian network[D]. Beijing:Beijing University of Chemical Technology, 2016.
[9]	HENNING R . Information system security attribute quantification or ordering (commonly but improp—erly known as “security metrics”)[R]. 2002.
[10]	吕欣 . 信息系统安全度量理论和方法研究[J]. 计算机科学, 2008,35(11): 42-44.
[61]	FRIGAULT M , WANG L . Measuring network security using Bayesian network-based attack graphs[C]// IEEE International Computer Software and Applications. IEEE, 2008: 698-703.
[62]	POOLSAPPASIT N , DEWRI R , RAY I . Dynamic security risk management using Bayesian attack graphs[J]. IEEE Transactions on Dependable and Secure Computing, 2012,9(1): 61-74.
[10]	LYU X . Information system security metrics:theoretics and methodology[J]. Computer Science, 2008,35(11): 42-44.
[11]	JAQUITH A . Security metrics[M]. Addison Wesley, 2007.
[63]	王元卓, 林闯, 程学旗 ,等. 基于随机博弈模型的网络攻防量化分析方法[J]. 计算机学报, 2010,33(9): 1748-1762.
	WANG Y Z , LIN C , CHENG X Q ,et al. Analysis for network at-tack-defense based on stochastic game model[J]. Chinese Journal of Computers, 2010,33(9): 1748-1762.
[12]	CHEW E . Performance measurement guide for information security (DRAFT)[J]. National Institute for Standards ＆ Technology, 2008:265.
[13]	JHA S , SHEYNER O , WING J . Two formal analyses of attack graphs[C]// 15th IEEE Computer Security Foundation Workshop. 2002: 49-63.
[64]	LI X , LU Y , LIU S . Network security situation assessment method based on Markov game model[J]. Ksii Transactions on Internet ＆ Information Systems, 2018,12(5): 2414-2428.
[65]	ZHANG H , HAN J , ZHANG J . Security risk evaluation of information systems based on game theory[C]// International Conference on Intelligent Human-machine Systems ＆ Cybernetics. IEEE, 2013: 46-49.
[14]	VILLARRUBIA C , FERNANDEZ-MEDINA E , PIATTINI M . Towards a classification of security metrics[C]// The International Workshop on Security in Information Systems. 2004: 342-350.
[15]	CHEW E , SWANSON M , STINE K M . Performance measurement guide for information security[R].2008-07-16. 2008
[66]	FU S , ZHOU H . The information security risk assessment based on AHP and fuzzy comprehensive evaluation[C]// IEEE International Conference on Communication Software ＆ Networks. IEEE, 2011: 124-128.
[67]	GENG W , HU Y . Information security management model based on AHP[C]// International Conference on Measurement. 2012: 352-355.
[16]	ZHANG B , CHEN Z , WANG S ,et al. Network security situation assessment based on HMM[M]// Advanced Intelligent Computing Theories and Applications with Aspects of Artificial Intelligence. Berlin Heidelberg:Springer, 2011: 509-516.
[17]	LI L , . Security evaluation methods of computer networks based on BP neural network[C]// Advances in Intelligent Systems and Computing. Berlin Heidelberg:Springer, 2013:181.
[68]	YAN C , QIAO B . Study and application of risk evaluation on network security based on AHP[J]. Journal of Huangshi Institute of Technology, 2012,289: 198-205.
[69]	LI J H , LI G Z . Study on the evaluation model for network security[J]. Advanced Materials Research, 2011,317-319: 1745-1748.
[18]	PENDLETON M , GARCIA R , CHO J ,et al. A survey on systems security metrics[J]. ACM Computing Surveys, 2016,49(4):62.
[19]	HU C . Calculation of the behavior utility of a network system:conception and principle[J]. Engineering, 2018,4(1): 78-84.
[70]	TUTEJA A , THALIA S . Towards quantification of information system security[M]// Computational Intelligence and Information Technology. Springer Berlin Heidelberg, 2011.
[71]	李景智, 殷肖川, 胡图 . 基于可拓理论的网络安全评估研究[J]. 计算机工程与应用, 2012,48(21): 79-82.
[20]	IM S Y , SHIN S H , RYU K Y ,et al. Performance evaluation of network scanning tools with operation of firewall[C]// Eighth International Conference on Ubiquitous ＆ Future Networks. IEEE, 2016: 876-881.
[21]	FREISS M . Protecting (telecommunication) networks with SATAN (security analysis tool for analyzing networks)[J]. EDPACS, 1999,27(1): 16-17.
[71]	LI J Z,YIN X C , HU T ,et al. Network security evaluation algorithm based on extension theory[J]. Computer Engineering and Applications, 2012,48(21): 79-82.
[72]	FU Y , WU X P , YE Q ,et al. An approach for information systems security risk assessment on fuzzy set and entropy weight[J]. Acta Electronica Sinica, 2010,38(7): 1489-1494.
[22]	BEALE J , DERAISON R , MEER H . Nessus network auditing[M]. Syngress, 2004.
[23]	BREIER J , HUDEC L . Towards a security evaluation model based on security metrics[C]// International Conference on Computer Systems＆ Technologies. ACM, 2012: 87-94.
[73]	KONG L , . Risk evaluation scheme for accounting information system based on Analytic Hierarchy Process[C]// 2017 International Conference on Smart Grid and Electrical Automation (ICSGEA). IEEE Computer Society, 2017.
[74]	TEMAM O , . The rebirth of neural networks[C]// International Symposium on Computer Architecture. 2010:349.
[75]	顾兆军, 辛倩 . 熵权神经网络的信息系统安全评估[J]. 计算机工程与设计, 2018,39(7): 1856-1860.
	GU Z J , XIN Q . Information system security evaluation based in entropy weight method and neural network[J]. Computer Engineering and Design, 2018,39(7): 1856-1860.
[76]	Standards Press of China. Information security technology system security level protection evaluation requirements[S]. GB/T 28448-2012. 2012.
[77]	MA L , PAN D , WU Z . ANN RBF approach of risk assessment for aviation ATM network[J]. Sensors ＆ Transducers Journal, 2013,159(11): 132-137.
[78]	JIANG Y P , CAO C , MEI X ,et al. A quantitative risk evaluation model for network security based on body temperature[J]. Journal of Computer Networks ＆ Communications, 2016(4):3.
[79]	ZHANG M , WANG L , JAJODIA S . Network diversity:asecurity metric for evaluating the resilience of networks against zero-day attacks[J]. IEEE Transactions on Information Forensics and Security, 2016:1.
[24]	Information technology -security techniques -information security management measurements[S]. ISO/IEC 27004, 2009.
[25]	PFLEEGER S , CUNNINGHAM R . Why measuring security is hard[J]. IEEE Security ＆ Privacy, 2010,8(4): 46-54.
[80]	CARLO B , MARCO C , GIANLUIGI V . Digital information asset evaluation[J]. ACM SIGMIS Database:the DATABASE for Advances in Information Systems, 2018,49(3): 19-33.
[81]	LEWIS M J , . Characterizing risk[C]// Eighth Cyber Security ＆ Information Intelligence Research Workshop. 2013: 1-4.
[26]	STOLFO S , BELLOVIN S M , EVANS D . Measuring security[J]. IEEE Security and Privacy Magazine, 2011,9(3): 60-65.
[27]	MENG M , . The research and application of the risk evaluation and management of information security based on AHP method and PDCA method[C]// International Conference on Information Management. IEEE, 2014: 379-383.
[82]	CHEN C X . Innovation and development of China’s information security level protection system[J]. Cyberspace Security, 2016,7(2): 5-6.
[83]	Common criteria for information technology security evaluation V3.1[R]. 2017.
[28]	FU J , HUANG L , YAO Y . Application of BP neural network in wireless network security evaluation[C]// International Conference on Wireless Communications. IEEE, 2010: 592-596.
[29]	JING X Y , YAN Z , WITOLD P . Security data collection and data analytics in the Internet:asurvey[J]. IEEE Communications Surveys ＆Tutorials, 2019,21(1): 568-618.
[84]	ALCARAZ C , MELTEM S?NMEZ TURAN . PDR:A Prevention,Detection and Response mechanism for anomalies in energy control systems[J]. American Geophysical Union, 2012,90(17): 22-33.
[85]	LIU G C . BS7799 criterion and its application in meso-information systems audit[J]. Journal of Audit ＆ Economics, 2012(3): 1-2.
[30]	BASILI V R , CALDIERA G , ROMBACH R H . The goal question metric approach[J]. Encyclopedia of Software Engineering, 1994(1): 578-583.
[31]	YAHYA F , WALTERS R J , WILLS G B . Using goal-question-metric(GQM) approach to assess security in cloud storage[M]. Enterprise Security. 2017.
[86]	WEIK M H . Federal information processing standard publication[R]. 2002.
[87]	NIKOLOPOULOU A . The directive on security of network and information systems (NIS directive)from a practional view[R]. 2019.
[32]	张漪墁, 赵小林 . 网络安全度量与评估的分析与研究[J]. 中国科技论文在线, 2018,11(4): 328-338.
	ZHANG Y M , ZHAO X L . Analysis and research on network security measurement and evaluation[J]. Highlights of Sciencepaper Online, 2018,11(4): 328-338.
[88]	National Institute of Standards and Technology. Framework for improving critical infrastructure cyber security[R]. 2014.
[89]	Standards Press of China. Information security technology-baseline for classified protection of cyber security[S]. GB/T 22239-2019, 2019.
[33]	YUSUF S E , HONG J B , GE M ,et al. Composite metrics for network security analysis[J]. Journal of Software Networking.2018, 2017(1): 137-160.
[34]	WAGNER I , ECKHOFF D . Technical privacy metrics:a systematic survey[J]. Computer Science, 2015,51(3).
[90]	姚传军 . WPDRRC 信息安全模型在安全等级保护中的应用[J]. 光通信研究, 2010(5): 27-29.
	YAO C J . Application of WPDRRC information security model in multi-level security protection[J]. Study on Optical Communications, 2010(5): 27-29.
[91]	KOROTKA M S , ROGER YIN L , BASU S C . Information assurance technical framework and end user information ownership:a critical analysis[J]. Journal of Information Privacy and Security, 2005,1(1): 10-26.
[92]	HECKMAN M , SCHELL R . Using proven reference monitor patterns for security evaluation[J]. Information, 2016,7(2):23.
[93]	HOUMB S H , RAY I . Trust-based security level evaluation using Bayesian belief networks[C]// Transactions on Computational Science X. 2010: 154-186.
[94]	CHEN Y J , LIAO G Y , CHENG T C . Risk assessment on instrumentation and control network security management system for nuclear power plants[C]// International Carnahan Conference on Security Technology. IEEE, 2009: 216-264.
[95]	GUAN B C , LO C , WANG P . Evaluation of information security related risks of an organization:the application of the multicriteria decision-making method[C]// IEEE International Carnahan Conference on Security Technology. IEEE, 2003: 168-175.
[96]	TAO H , LIANG C , CHI W . The research of information security risk assessment method based on fault tree[C]// Sixth International Conference on Networked Computing ＆ Advanced Information Management. IEEE, 2010: 370-375.
[97]	Standards Press of China. Classified criteria for security protection of computer information system[S]. GB17859-1999, 1999.
[98]	Aryasec. Aryasec.Measurement of information security effectiveness[EB/OL]. .
[99]	SIPONEN M , WILLISON R . Information security management standards:Problems and solutions[J]. Information ＆ Management, 2009,46(5): 267-270.
[100]	GB/T 31495.Information security technology―Indicator system of information security assurance and evaluation methods[EB/OL]. 2015.
[101]	FRAY I E , . A comparative study of risk assessment methods,mehari ＆cramm with a new formal model of risk assessment (fomra) in information systems[M]// Computer Information Systems and Industrial Management. Berlin Heidelberg:Springer, 2012.
[102]	SARKHEYLI A , ITHNIN N B . Improving the current risk analysis technologies by study of their process and using the human body’s immune system[C]// The 5th International Symposium on Telecommunications. IEEE, 2010: 651-656.
[103]	NSFOCUS , .Industrial control system information security assurance framework[R]. 2019.
[104]	王卫东 . 安全度量及其面临的挑战[J]. 保密科学技术, 2011(3): 54-58.
	WANG W D . Security metrics and challenges[J]. Secrecy Science and Technology, 2011(3): 54-58.
[105]	KOTT A , WANG C , ERBACHER R F . Cyber defense and situational awareness[M]. Berlin Heidelberg: SpringerPress, 2014.
[106]	CHENG Y , DENG J , LI J ,et al. Metrics of security[J]. Advances in Information Security, 2014,62: 263-295.
[107]	KOVACICH G . Information systems security metrics management[J]. Computers ＆ Security, 1997,16(7): 610-618.
[108]	HERRERA S O S , . Information security management metrics development[C]// International Carnahan Conference on Security Technology. IEEE, 2005.
[109]	龚俭, 臧小东, 苏琪 . 网络安全态势感知综述[J]. 软件学报, 2017,28(4): 1010-1026.
	GONG J , ZANG X D , SU Q . Network security situation awareness[J]. Journal of Software, 2017,28(4): 1010-1026.
[110]	KOTENKO I , NOVIKOVA E . Visualization of security metrics for cyber situation awareness[C]// 2014 Ninth International Conference on Availability,Reliability and Security (ARES). 2014: 506-513.
[111]	Security Score Card. Analysis of cyber risk exposure for US and European political parties report[R].2019-03-14.
[112]	UPGUAR D . A beginner’s guide to cyber security insurance[M]. Gov. uk Press, 2017.
[113]	LUNA J , GHANI H , GERMANUS D ,et al. A security metrics framework for the cloud[C]// The International Conference on Security and Cryptography. IEEE, 2011: 245-250.

模型	结合方法	优点	缺点		度量类别
模型	结合方法	优点	缺点	攻防度量	脆弱性度量	风险度量
关联分析	数据挖掘、D-S证据	较客观，方便量化指标	不成熟，需要大量数据	—	文献[39]	文献[40]
随机模型	马尔可夫链、隐马尔可夫	精确刻画系统随机行为，实时性	基于假设，难以验证	文献[48-49]	—	文献[16,47]
数学原理	微分流形、形式化、Petri网	精准度量	处于发展阶段	文献[19]	文献[51]	文献[53]
攻击图	属性图、状态图、贝叶斯网络	攻击度量成熟，全局度量偏攻击化	客观性弱，受算法效率影响	文献[57]	文献[58,61]	文献[62]
博弈论	马尔可夫	刻画攻防本质，易拓展	全局度量函数难设计	文献[63]	—	文献[65]
层次分析	模糊数学、可拓理论、信息熵	有层次性，灵活简单	有主观性，不适用复杂系统	—	—	文献[68]
神经网络	专家系统、熵权法	度量效率高	训练数据量不足	—	—	文献[77]

名称	可量化情况	适用性	优点	缺点
TCSEC	主观量化	为度量指标体系研究提供基础指导方向	技术层面详细，逻辑清晰	强调控制用户，没有关注物理等安全，不再修订
CC	主观量化	适用于一切网络系统，具有普适性	系统刻画了安全的全部内涵，消除重复度量，促进通用性	半形式化语言较难理解，涉及度量体系成本较高，主观性强
BS7799	主客观结合	有法律标准支撑，适用于工商业网络系统	内容详尽，认可度高，度量方法自由选择	每个指标的权重分析不足，测度精度不足
网络安全等级保护基本要求	主客观结合	指标全面细致，实用范围广	范围界定清晰，已上升至法律层面，具有高灵活性	没有衡量攻防过程中的动态变化，缺乏动态指标

问题	方法
全局度量方法学	新的度量体系与流程
指标体系发展	新的指标标准
态势感知与度量	态势感知、行为分析与度量
攻防效用计算	微分流形原理
安全管理度量	新的度量模型对管理进行量化分析
度量高效性	深度学习算法
攻防模拟与可视化度量	利用可视化模拟攻防过程，对系统进行全局度量
度量数据集	建立一个公开、可以作为度量基准的数据集
自动化网络系统度量	利用机器学习确定全局度量模型，自动化度量
网络系统安全度量行业化	结合不同行业网络，使度量落地

网络系统安全度量综述

Survey on network system security metrics

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 8

参考文献 113

相关文章 7

Metrics

推荐阅读 0

[1]	杨宏宇, 袁海航, 张良. 基于攻击图的主机安全评估方法[J]. 通信学报, 2022, 43(2): 89-99.
[2]	杨宏宇,于巾博,谢丽霞. 基于三维球体模型的XML通信协议安全评估方法[J]. 通信学报, 2013, 34(3): 183-191.
[3]	吴志军,王璐,史荣. 基于改进BP神经网络的ATM系统信息安全评估方法[J]. 通信学报, 2011, 32(2): 150-158.
[4]	苘大鹏,周渊,杨武,杨永田. 用于评估网络整体安全性的攻击图生成方法[J]. 通信学报, 2009, 30(3): 1-5.
[5]	司加全,张冰,苘大鹏,杨武. 基于攻击图的网络安全性增强策略制定方法[J]. 通信学报, 2009, 30(2): 125-130.
[6]	王爱宝,张光昭. 面向新一代通信服务的沟通网络系统模型研究[J]. 通信学报, 2008, 29(5): 72-80.
[7]	庞明,谭庆平,李海燕. 基于内容分发网络技术的远程教育系统的研究与实现[J]. 通信学报, 2006, 27(11): 144-147.