Security risk analysis framework based on network environment attributes

doi:10.3778/j.issn.1002-8331.2010.34.027

Computer Engineering and Applications ›› 2010, Vol. 46 ›› Issue (34): 85-88.DOI: 10.3778/j.issn.1002-8331.2010.34.027

• 网络、通信、安全 • Previous Articles Next Articles

Security risk analysis framework based on network environment attributes

CHEN Yu-feng^1，2，XIANG Zheng-tao¹，JIANG Wei-rong¹，JIAN Wei¹

1.School of Electrical and Information Engineering，Hubei University of Automotive Technology，Shiyan，Hubei 442002，China
2.College of Computer Science and Technology，Zhejiang University，Hangzhou 310027，China

Received:2009-04-08 Revised:2009-06-12 Online:2010-12-01 Published:2010-12-01
Contact: CHEN Yu-feng

一种面向网络环境属性的安全风险分析框架

陈宇峰^1，2，向郑涛¹，蒋伟荣¹，简炜¹

1.湖北汽车工业学院电气与信息工程学院，湖北十堰 442002
2.浙江大学计算机科学与技术学院，杭州 310027

通讯作者: 陈宇峰

Abstract

Abstract: Based on the analysis of software and hardware of network environment and mechanism of attacks，a security risk analysis framework based on network environment attributes is proposed.The set of environment elements is obtained after analyzing the software and hardware.The probabilities of risks that environment elements may induce are analyzed with two circumstances，which are reference model and real monitor data.By mapping the environment elements and consequences，the risk severe induced by environment elements is analyzed.The risk probabilities and severe induced by related environment risk and security elements are investigated with security boundary.Experiments show that with the framework，network security risk analysis can be implemented systematically.

Key words: network environment attributes, security risk analysis, Analytic Hierarchy Process（AHP）

摘要： 通过对网络环境中软硬件条件以及网络攻击机理的分析，提出了一种基于网络环境属性的安全风险分析框架。从软硬件条件的分析中得到环境因素集合；从参考模型和实际监测数据两种情况分析了环境因素引发风险的可能性；通过环境因素与风险后果的映射，分析了环境因素引发不同后果的风险严重性；并从安全边界的角度分析了具有关联性的环境风险和安全子因素所引发风险的可能性和严重性。通过实例说明，该框架能够系统化地分析网络安全风险。

关键词: 网络环境属性, 安全风险分析, 层次分析

CLC Number:

TP393.08

CHEN Yu-feng^1，2，XIANG Zheng-tao¹，JIANG Wei-rong¹，JIAN Wei¹. Security risk analysis framework based on network environment attributes[J]. Computer Engineering and Applications, 2010, 46(34): 85-88.

陈宇峰^1，2，向郑涛¹，蒋伟荣¹，简炜¹. 一种面向网络环境属性的安全风险分析框架[J]. 计算机工程与应用, 2010, 46(34): 85-88.

[1]	TIAN Qihua1, HUANG Chao1, YU Haidong2, DU Yixian1, ZHOU Xiangman1. Approach for determining weight of resource allocation in coupled task set based on AHP [J]. Computer Engineering and Applications, 2018, 54(21): 25-30.
[2]	XU Qinglin1, XIONG Mengqi1, LIU Yangfan2. Passenger subdivision model based on behaviors of airline passengers [J]. Computer Engineering and Applications, 2017, 53(24): 69-74.
[3]	ZHANG Jiachen, LIU Hao. Quantitative evaluation model for mobile video quality of experience [J]. Computer Engineering and Applications, 2017, 53(12): 133-139.
[4]	LIU Di1，2, ZHU Ligu1，2, ZHANG Lei1，2, FENG Dongyu1，2. Research of load-balancing model based on SSAWF mechanism [J]. Computer Engineering and Applications, 2017, 53(10): 90-95.
[5]	LUO Mei1, JIANG Jianhong2. Research of AHP evaluation method based on heuristic algorithm [J]. Computer Engineering and Applications, 2016, 52(22): 64-67.
[6]	WANG Shuyan, ZHANG Xinggen, SUN Jiaze. Research on evaluation model of mobile phones for elderly usability based on cloud model [J]. Computer Engineering and Applications, 2016, 52(19): 245-251.
[7]	CHEN Dejun1, GAO Xiaojun1, WANG Yifei2. Load balancing study in cloud storage based on AHP [J]. Computer Engineering and Applications, 2015, 51(7): 56-60.
[8]	ZHANG Jiandong, YANG Jin, LIU Caiming, LI Bin. Improved AHP algorithm applied in load balancing of Web clustered system [J]. Computer Engineering and Applications, 2015, 51(7): 93-97.
[9]	TAN Zhengmin1, PENG Qiyuan1, CHEN Si2, GAN Mi1. Multi-objective optimization model of loading reinforcement plan of railway long heavy goods [J]. Computer Engineering and Applications, 2015, 51(19): 24-27.
[10]	TAN Qian1, JIANG Yi1, LIN Fan2. Load prediction of Swift cloud storage based on AHP-RBF [J]. Computer Engineering and Applications, 2014, 50(8): 35-39.
[11]	DU Yuanwei, HAN Chen. Improved DS/AHP method based on three-point internal number [J]. Computer Engineering and Applications, 2014, 50(3): 211-214.
[12]	HUANG Lu, DUAN Zhongxing. Research of fuzzy comprehensive evaluation method for urban metro station luminous environment [J]. Computer Engineering and Applications, 2014, 50(16): 221-225.
[13]	GAO Jing, YU Junqi. Research on sustainability assessment of large-scale public building based on AHP-Fuzzy [J]. Computer Engineering and Applications, 2014, 50(13): 252-256.
[14]	YAN Lijun1，2, WU Caipeng1, SUN Yujie1, ZHANG Xiaofang1, SHEN Qingming1, 2. Group based product scheme evaluation model based on fuzzy AHP and evidential reasoning theory [J]. Computer Engineering and Applications, 2013, 49(18): 232-236.
[15]	DU Miao. Transformation from AHP to FAHP and their applications [J]. Computer Engineering and Applications, 2012, 48(9): 114-119.

Security risk analysis framework based on network environment attributes

一种面向网络环境属性的安全风险分析框架

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics