Network risk assessment method based on combination of Bayesian algorithm and matrix method

Abstract

Provided is a network risk assessment method based on the combination of a Bayesian algorithm and a matrix method. The network risk assessment method based on the combination of the Bayesian algorithm and the matrix method comprises the steps of researching network assets and assessing asset value, researching and collecting network threats, scanning system bugs and collecting system vulnerability, assessing occurrence frequency of threats, assessing severity of the vulnerability, combining the Bayesian conditional probability computational formula with the matrix algorithm, thus a factor for judging the severity of risk events is added, namely the probability of occurrence of the risk events brought by internal node relevance, the precision of assessment results of the risk assessment method is improved. When the network risk assessment method based on the combination of the Bayesian algorithm and the matrix method are used for analyzing risks in the network, the relevance of network nodes are taken into consideration, an adjacent deceive of the device is used, and then the conditional probability of risk events caused by attacks on the device serves as a factor of weighing for calculating the severity of the device risk, thus precision of analysis result is improved, and the actual guiding significance of method assessment results to network security protection is promoted.

Description

technical field [0001] The invention belongs to the field of network security assessment, and is a method for network risk assessment based on Bayesian algorithm and matrix method combined with network node correlation. Background technique [0002] With the rapid development of computer networks, network security has gradually become the focus of attention. In terms of testing and evaluation models, the most widely used in foreign research is the risk assessment model, mainly including the ALE risk assessment model issued by the US Bureau of Standards and the OCTAVE-related risk assessment model. The model elements of these risk assessment models basically adopt information assets, security threats, vulnerabilities, and security control measures. Using the above factors to describe information methods, various risk assessment models use different factor combinations and calculation methods. In addition to risk assessment models, there are also assessment models developed f...

AI Technical Summary

Problems solved by technology

However, there are still the following deficiencies in the implementation of this specification: 1. In the specification, the collection of threats and vulnerabilities mainly considers the vulnerability of a single device in the network to be

[0005] Threats are exploited to form risk events; but there is a lack of overall consideration of the relevance of network nodes;

[0006]2. The algorithm in the specification is mainly based on qualitative analysis and manual judgment, lacks quantitative and accurate formula calculation, and lacks consideration of the probability of occurrence of risk time

Images