Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2015, Vol. 38 ›› Issue (4): 110-116.doi: 10.13190/j.jbupt.2015.04.022

• Reports • Previous Articles     Next Articles

Computer Network Vulnerability Assessment Based on Bayesian Attribute Network

WANG Xiu-juan, SUN Bo, LIAO Yan-wen, XIANG Cong-bin   

  1. Computer Institute, Beijing University of Technology, Beijing 100124, China
  • Received:2015-07-03 Online:2015-08-28 Published:2015-08-28

Abstract:

For assessing the vulnerability of computer network accurately and comprehensively, the problem of attack loops, the state explosion and analyzing qualitatively were researched. The method of converting attribute attack graph to the Bayesian network and the new loop elimination algorithm was also proposed. By using these two algorithms, a new Bayesian attribute attack graph model was build. The formula of assessing indicators was derived by Bayesian formula. The data of common vulnerability scoring system was used to compute the probability of attribute nodes and indicators to conduct network vulnerability assessment. Experiments analysis proves the feasibility and effectiveness of the model. Compared with other methods of vulnerability assessment, this model has simple calculation which is suitable for dynamic quantitative assessment.

Key words: attack graph, Bayesian network, vulnerability analysis, quantitative analysis

CLC Number: