A Distributed Network Risk Assessment Method Based on Attack Graph

Abstract

Evaluating risk effectively selecting effective defence measures and defending information threats actively are the key points of resolving security problems of information system．Based on the actual requirements and status of risk assessment of information security，we integrate attack graph to apply it in studying risk assessment of information security．Firstly，focused on the uncertainty and complexity of risk assessment of information security，we integrate the technology of vulnerabilities associated with to apply it in studying risk assessment．On the other hand，since the attack path described by attack graph model is suited for the quantity data processing，and poor to the qualitative analyze，and risk is uncertain，the risk factors are quantized by the probability of attack path forming proposed in this dissertation so that the probability of atom attack are pre-treated，a risk assessment method based on attack graph model is proposed．The method Take full advantage of computing power of each host in the network, greatly shorten the attack graph generation time.