基于威胁传播采样的复杂信息系统风险评估

doi:10.7544/issn1000-1239.2015.20140184

计算机研究与发展 ›› 2015, Vol. 52 ›› Issue (7): 1642-1659.doi: 10.7544/issn1000-1239.2015.20140184

基于威胁传播采样的复杂信息系统风险评估

马刚^1,2,杜宇鸽³,安波¹,张博^1,2,王伟⁴,史忠植¹

¹(中国科学院计算技术研究所智能信息处理重点实验室北京 100190); ²(中国科学院大学北京 100049); ³(中国信息安全测评中心北京 100085); ⁴(北京联索科技有限公司北京 100080) (mag@ics.ict.ac.cn)

出版日期: 2015-07-01
基金资助:
基金项目：国家“九七三”重点基础研究发展计划基金项目(2013CB329502)；国家自然科学基金项目(61035003)；国家“八六三”高技术研究发展计划基金项目(2012AA011003)；国家科技支撑计划基金项目(2012BA107B02)

Risk Evaluation of Complex Information System Based on Threat Propagation Sampling

Ma Gang^1,2, Du Yuge³, An Bo¹, Zhang Bo^1,2, Wang Wei⁴, Shi Zhongzhi¹

¹(Key Laboratory of Intelligent Information Processing, Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190);²(University of Chinese Academy of Sciences, Beijing 100049);³(China Information Technology Security Evaluation Center, Beijing 100085);⁴(Beijing Lexo Technologies Co., Ltd., Beijing 100080)

Online: 2015-07-01

摘要/Abstract

摘要： 互联网时代的信息安全已成为全社会关注的问题之一.信息系统是信息的载体，为有效评估大规模分布式复杂信息系统的风险，构建了一种基于威胁传播采样的复杂信息系统风险评估方法.该方法考虑到威胁在复杂信息系统中传播时，对资产结点的转移状态以及资产结点发出的威胁传播边进行采样来生成威胁传播树(threat propagation trees, TPT)，然后通过计算威胁传播树中各资产结点的期望损失以及威胁传播树的概率来对整个复杂信息系统进行风险评估.实验分析表明，基于威胁传播采样的复杂信息系统风险评估方法，在生成威胁传播树时具有高效的时间效率，能够对复杂信息系统进行客观准确的风险评估，且在对复杂信息系统资产结点制定安全防护策略时，能够为安全风险管理者提供较为合理的安全指导建议.

关键词: 复杂信息系统, 威胁传播采样, 风险评估, 资产结点, 威胁传播边, 威胁传播树

Abstract: Information security has been one of the focuses of social concern in the age of Internet. There is no doubt that accurately assessing the security of information medium is becoming the focus of the present information security work. For evaluating the risk of the large-scale distributed complex information system, we propose a risk evaluation method of the complex information system based on threat propagation sampling. Firstly, when the threats propagate in the complex information system, the number of threat propagation trees (TPT) is reduced by sampling the transition states of the asset nodes and the threat propagation edges emitted by the asset nodes, then computing the expected value loss of each node in the threat propagation tree and the probability of each threat propagation tree to evaluate the risk of the complex information system. The experimental analysis not only shows the risk evaluation proposed in this paper has higher time-efficient compared with the traditional combined strategy when producing the threat propagation tree, but also can make an objective and accurate risk evaluation. Furthermore, it can give more comprehensive and rational security-guide advices for security-risk managers when developing some security protection strategies on the asset nodes of the complex information system.

Key words: complex information system, threat propagation sampling, risk evaluation, asset node, threat propagation edge, threat propagation trees (TPT)

中图分类号:

TP309

马刚,杜宇鸽,安波,张博,王伟,史忠植. 基于威胁传播采样的复杂信息系统风险评估[J]. 计算机研究与发展, 2015, 52(7): 1642-1659.

Ma Gang, Du Yuge, An Bo, Zhang Bo, Wang Wei, Shi Zhongzhi. Risk Evaluation of Complex Information System Based on Threat Propagation Sampling[J]. Journal of Computer Research and Development, 2015, 52(7): 1642-1659.

	作者相关文章
	马刚
	杜宇鸽
	安波
	张博
	王伟
	史忠植

[1]	朱梦莹,郑小林,王朝晖. 基于风险和剩余价值的在线P2P借贷投资推荐方法[J]. 计算机研究与发展, 2016, 53(12): 2708-2720.
[2]	马春光，汪诚弘，张东红，李迎涛. 一种基于攻击意愿分析的网络风险动态评估模型[J]. 计算机研究与发展, 2015, 52(9): 2056-2068.
[3]	陈小军1,2,3 时金桥2 徐菲2 蒲以国2 郭莉2. 面向内部威胁的最优安全策略算法研究[J]. 计算机研究与发展, 2014, 51(7): 1565-1577.
[4]	李斌, 谢丰, 陈钟,. 一种面向业务的风险评估模型[J]. , 2011, 48(9): 1634-642.
[5]	穆成坡, 黄厚宽, 田盛丰,. 入侵进程的层次化在线风险评估[J]. , 2010, 47(10): 1724-1732.

基于威胁传播采样的复杂信息系统风险评估

Risk Evaluation of Complex Information System Based on Threat Propagation Sampling

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 5

编辑推荐

Metrics

本文评价