[1] WANG H, ZHU C H, SHEN Z H. A network security risk assessment method based on a B_NAG model[J]. Computer Systems Science and Engineering, 2021, 38(1):103-117. [2] WANG H, CHEN Z F, ZHAO J P, et al. A vulnerability assessment method in industrial Internet of things based on attack graph and maximum flow[J]. IEEE Access, 2018, 6:8599-8609. [3] HU H, ZHANG H Q, YANG Y J. Security risk situation quantification method based on threat prediction for multimedia communication network[J]. Multimedia Tools and Applications, 2018, 77(16):21693-21723. [4] SHAN C, GAO J, HU C Z, et al. Network risk assessment method based on asset correlation graph[C]//Trusted Computing and Information Security (CTCIS). Berlin:Springer, 2019:65-83. [5] POKHREL N R, TSOKOS C P. Cybersecurity:a stochastic predictive model to determine overall network security risk using Markovian process[J]. Journal of Information Security, 2017, 8(2):91-105. [6] 李鑫.基于攻击图的网络安全评估技术研究与实现[D].北京:北京邮电大学, 2017. LI X. Research and implementation of network security assessment technology based on attack graph[D]. Beijing:Beijing University of Posts and Telecommunications, 2017. [7] RUOHONEN J. A look at the time delays in CVSS vulnerability scoring[J]. Applied Computing and Informatics, 2019, 15(2):129-135. [8] FREI S, MAY M, FIEDLER U, et al. Large-scale vulnerability analysis[C]//Proceedings of the 2006 SIGCOMM Workshop on Large-Scale Attack Defense (LSAD'06). New York:ACM, 2006:131-138. [9] 葛海慧,肖达,陈天平,等.基于动态关联分析的网络安全风险评估方法[J].电子与信息学报, 2013, 35(11):2630-2636. GE H H, XIAO D, CHEN T P, et al. Quantitative eva-luation approach for real-time risk based on attack event correlating[J]. Journal of Electronics and Information Technology, 2013, 35(11):2630-2636. [10] 国家质量监督检验检疫总局,中国国家标准化管理委员会.信息安全技术信息安全风险评估规范:GB/T 20984-2007[S].北京:中国标准出版社, 2007. General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China. Information security technology-risk assessment specification for information security:GB/T 20984-2007[S]. Beijing:Standards Press of China, 2007. [11] JIN X, ZHANG W S. The optimization of objective weighting method based on relative importance[C]//20205th International Conference on Mechanical, Control and Computer Engineering (ICMCCE). Piscataway, NJ:IEEE Press, 2020:1234-1237. |