Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2012, Vol. 35 ›› Issue (1): 19-23.doi: 10.13190/jbupt.201201.19.zhongshq

• Papers • Previous Articles     Next Articles

Network Security Analysis Based on Host-Security-Group

ZHONG Shang-qin, XU Guo-sheng, YAO Wen-bin,YANG Yi-xian
  

  1. 1.Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China;2. National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • Received:2011-04-16 Revised:2011-07-07 Online:2012-02-28 Published:2012-01-05

Abstract:

A simple, flexible, and efficient method is proposed to generate hostbased attack graph. Based on this generating algorithm, the concept of ‘host-security-group’ is put forward, and according with its partitioning algorithm, an approach of analyzing network security by using theory of host-security-group is described. It is proved to be intuitive, efficient and accurate, as it describes the overall security situation of network and facilitates network security administrator to identify the key hosts.

Key words: network security, security analysis, hostbased attack graph, host-security-group, risk assessment

CLC Number: