本文選題：網(wǎng)絡(luò)安全防御 + 組合強(qiáng)度��； 參考：《湖南大學(xué)》2014年碩士論文

【摘要】：隨著人們對(duì)Internet網(wǎng)絡(luò)的訪問(wèn)日益增加，網(wǎng)絡(luò)的安全性對(duì)人們十分重要，如何對(duì)網(wǎng)絡(luò)安全的評(píng)估是一個(gè)重要的研究課題。目前對(duì)于網(wǎng)絡(luò)安全評(píng)估仍然有許多不足。傳統(tǒng)風(fēng)險(xiǎn)評(píng)估的方法大部分為靜態(tài)的，往往是對(duì)各安全防御組件進(jìn)行單獨(dú)的評(píng)估，然后把評(píng)估結(jié)果簡(jiǎn)單的疊加得出整個(gè)網(wǎng)絡(luò)安全評(píng)估結(jié)論，，很少考慮整個(gè)網(wǎng)絡(luò)系統(tǒng)結(jié)構(gòu)以及網(wǎng)絡(luò)安全設(shè)備（組件）之間內(nèi)在的聯(lián)系對(duì)網(wǎng)絡(luò)安全防御的貢獻(xiàn)，實(shí)際上網(wǎng)絡(luò)安全組件之間復(fù)雜邏輯關(guān)系對(duì)整個(gè)網(wǎng)絡(luò)體系的防御能力具有重要影響。 （1）對(duì)網(wǎng)絡(luò)安全體系的背景及相關(guān)技術(shù)進(jìn)行研究。分析了網(wǎng)絡(luò)安全的一些安全技術(shù)，研究了目前信息網(wǎng)絡(luò)系統(tǒng)的防御體系，介紹了petri網(wǎng)的產(chǎn)生、定義、性質(zhì)及擴(kuò)展，為后面petri網(wǎng)絡(luò)安全防御體系評(píng)估模型提供基礎(chǔ)。 （2）通過(guò)對(duì)組件組合串并聯(lián)強(qiáng)度分析，同時(shí)結(jié)合petri網(wǎng)的特點(diǎn)，提出了一種基于petri網(wǎng)的網(wǎng)絡(luò)安全防御體系評(píng)估模型。 （3）對(duì)提出的評(píng)估模型進(jìn)行了仿真實(shí)驗(yàn)，驗(yàn)證了方法的有效性。通過(guò)蒙特卡羅算法模擬建模的過(guò)程，對(duì)基于petri網(wǎng)的網(wǎng)絡(luò)安全防御體系評(píng)估模型和傳統(tǒng)的P2P網(wǎng)絡(luò)體系進(jìn)行安全性方面的對(duì)比。 本文的主要?jiǎng)?chuàng)新點(diǎn)在于充分的考慮了各防御層次和防御部件之間的因素對(duì)網(wǎng)絡(luò)防御功能的作用，提出了一個(gè)更接近現(xiàn)實(shí)網(wǎng)絡(luò)防御功能的模型,最后用petri進(jìn)行分析建模且對(duì)模型進(jìn)行了證明。由于訪問(wèn)路徑生成的過(guò)程中充分考慮現(xiàn)實(shí)網(wǎng)絡(luò)拓?fù)浣Y(jié)構(gòu)與防御部件的配備，可以避免在某些部分過(guò)度防御而另一部分防御不足,因此對(duì)網(wǎng)絡(luò)安全規(guī)劃具有現(xiàn)實(shí)意義和指導(dǎo)意義。
[Abstract]:With the increasing access to the Internet, the security of the network is very important to people, how to evaluate the network security is an important research topic. At present, there are still many shortcomings in network security assessment. Most of the traditional risk assessment methods are static, and they usually evaluate each security defense component separately, and then simply stack the evaluation results to get the whole network security evaluation conclusions. Little consideration is given to the contribution of the entire network system architecture and the inherent link between the network security devices (components) to the network security defense, In fact, the complex logic relationship between the network security components has an important impact on the defense capability of the entire network architecture. (1) the background and related technologies of the network security system are studied. This paper analyzes some security technologies of network security, studies the current defense system of information network system, and introduces the generation, definition, nature and extension of petri network. It provides the basis for the evaluation model of petri network security defense system. (2) by analyzing the strength of component combination, series-parallel connection, and combining the characteristics of petri net, A network security defense system evaluation model based on petri net is proposed. (3) the proposed evaluation model is simulated to verify the effectiveness of the method. Through Monte Carlo algorithm simulation modeling process, the network security defense system evaluation model based on petri net and the traditional P2P network system are compared in security aspects. The main innovation of this paper is to fully consider the effects of various defense levels and defense components on the network defense function, and put forward a model which is closer to the real network defense function. Finally, petri is used to model and prove the model. Due to the consideration of the real network topology and the equipment of defense components in the process of access path generation, it can avoid over-defense in some parts and inadequate defense in others, so it has practical significance and guiding significance for network security planning.
【學(xué)位授予單位】：湖南大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 廖年冬;田盛豐;;入侵檢測(cè)規(guī)則動(dòng)態(tài)生成研究[J];北京交通大學(xué)學(xué)報(bào);2008年05期

2 段云所,劉欣,陳鐘;信息系統(tǒng)組合安全強(qiáng)度和脆弱性分析[J];北京大學(xué)學(xué)報(bào)(自然科學(xué)版);2005年03期

3 陳馳;馮登國(guó);徐震;;信息安全產(chǎn)品安全保證量化評(píng)估方法研究[J];電子學(xué)報(bào);2007年10期

4 姚傳軍;;WPDRRC信息安全模型在安全等級(jí)保護(hù)中的應(yīng)用[J];光通信研究;2010年05期

5 葉健;夏振泉;;預(yù)備役部隊(duì)駐訓(xùn)安全風(fēng)險(xiǎn)評(píng)估研究[J];國(guó)防;2008年08期

6 潘潔;劉愛(ài)潔;;基于APPDRR模型的網(wǎng)絡(luò)安全系統(tǒng)研究[J];電信工程技術(shù)與標(biāo)準(zhǔn)化;2009年07期

7 吳文可;文福拴;薛禹勝;周華鋒;李曉露;;基于多源信息的延時(shí)約束加權(quán)模糊Petri網(wǎng)故障診斷模型[J];電力系統(tǒng)自動(dòng)化;2013年24期

8 李樹(shù)德;張明清;唐俊;;網(wǎng)絡(luò)安全組件組合強(qiáng)度研究[J];計(jì)算機(jī)工程與應(yīng)用;2010年08期

9 黃光球;王金成;;具有動(dòng)態(tài)可靠性的模糊時(shí)間Petri網(wǎng)攻擊模型[J];計(jì)算機(jī)工程與應(yīng)用;2010年18期

10 韓銳生;徐開(kāi)勇;趙彬;;P2DR模型中策略部署模型的研究與設(shè)計(jì)[J];計(jì)算機(jī)工程;2008年20期

相關(guān)博士學(xué)位論文 前3條

1 韋勇;網(wǎng)絡(luò)安全態(tài)勢(shì)評(píng)估模型研究[D];中國(guó)科學(xué)技術(shù)大學(xué);2009年

2 雷杰;網(wǎng)絡(luò)安全威脅與態(tài)勢(shì)評(píng)估方法研究[D];華中科技大學(xué);2008年

3 廖年冬;信息安全動(dòng)態(tài)風(fēng)險(xiǎn)評(píng)估模型的研究[D];北京交通大學(xué);2010年

本文編號(hào)：2060981