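Research on a Real-Time Risk Assessment Algorithm for Information Systems Based on the HMM Model
Published: 2018-04-15 04:01
Topic of this thesis: dynamic risk assessment + internal threats; Reference: Ocean University of China, 2014 master's thesis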
[Abstract]: With the rapid development of computer networks and the accelerating informatization of society, more and more enterprises and government departments conduct business and provide services through information systems, and the security of these systems has gradually drawn attention and become a current hot topic. Risk assessment effectively puts system security management into practice and can identify the key security issues in different periods and environments, strengthening system security management. To ensure system security, it is necessary to carry out a risk assessment of the entire networked information system. At present, most research on risk assessment methods concentrates on static assessment. The few methods that propose a dynamic, real-time concept consider only external attack threats such as malicious attacks and planted Trojans, and ignore the internal threat of configuration errors caused inside the system by factors such as system upgrades and manual operation.

To address these problems, this thesis does three things. First, it introduces the hidden Markov model (HMM) into information security risk assessment, models the security state of the hosts in the information system, considers both the external and the internal threats a host may face, and proposes a dynamic, real-time information security risk assessment model. Second, it improves the model's algorithm and proposes the new concept of computing a real-time state transition matrix; then, based on the solution to the evaluation problem of the hidden Markov model, it gives a method for measuring network security risk for the information system as a whole, which offers an approach to the quantitative management of the information system's network security. Simulation results show that, while ensuring real-time dynamic assessment, the method can analyze threats comprehensively and reasonably analyze and quantify the security status of the information system, improving the accuracy and timeliness of the assessment results. Third, based on risk assessment theory, it designs and develops a real-time information security risk assessment system: the Snort intrusion detection system is introduced to monitor external attacks, and a configuration checking system is designed to check each host's internal configuration against the information security level protection standard. The collected external and internal threat data are formatted and sent to the main risk assessment system, which computes the real-time risk value according to the assessment algorithm, analyzes the threat types and configuration compliance, and produces a report of effective remediation recommendations. The system provides a simple and effective risk assessment process, improves assessment efficiency, can give a scientific evaluation of the overall security state of the information system, and actively promotes improvement of the information system's level of security protection.
[Degree-granting institution]: Ocean University of China
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08
Article ID: 1752401
Article link: http://sikaile.net/guanlilunwen/ydhl/1752401.html