ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2017, Vol. 54 ›› Issue (4): 731-741.doi: 10.7544/issn1000-1239.2017.20161015

所属专题: 2017能源互联网专题

• 网络技术 • 上一篇    下一篇

基于威胁传播的多节点网络安全态势量化评估方法

田建伟1,田峥1,漆文辉1,郝悍勇2,李仁发3,黎曦1,乔宏1,薛海伟1   

  1. 1(国网湖南省电力公司电力科学研究院 长沙 410007); 2(国家电网公司 北京 100031); 3(湖南大学信息科学与工程学院 长沙 410082) (tianjw0509@163.com)
  • 出版日期: 2017-04-01
  • 基金资助: 
    国家自然科学基金项目(61672217)

Threat Propagation Based Security Situation Quantitative Assessment in Multi-Node Network

Tian Jianwei1, Tian Zheng1, Qi Wenhui1, Hao Hanyong2, Li Renfa3, Li Xi1, Qiao Hong1, Xue Haiwei1   

  1. 1(State Grid Hunan Electric Power Corporation Research Institute, Changsha 410007); 2(State Grid Corporation of China, Beijing 100031); 3(College of Computer Science and Electronic Engineering, Hunan University, Changsha 410082)
  • Online: 2017-04-01

摘要: 传统的安全态势评估方法主要面向小规模网信息系统,忽略了网络节点间风险的关联性.针对能源互联网中复杂的网络结构,提出基于威胁传播的多节点网络安全态势量化评估方法,1)该方法提出能源互联网网络节点的概念和相关定义,并利用图理论对能源互联网的网络结构进行建模;2)提出基于威胁传播概率的安全态势量化方法,计算网络节点安全态势,并提出多节点网络的权重计算方法LR-NodeRank,进而评估整个网络的融合安全态势;3)提出一种基于最简威胁图的安全态势改进方法,计算需要开展安全加固的网络边界.实验结果表明:该方法能够准确评估多节点网络的安全态势,能够有效计算边界连接关系.

关键词: 网络节点, 多节点网络, 威胁传播, 安全态势融合, 最简威胁图

Abstract: The traditional security situation assessment mainly focuses on the small scale network system, which has neglected the risk correlation among network nodes. In view of the complex network structure in the energy Internet, a quantitative assessment for multi-node network security situation based on threat propagation is proposed. This method firstly gives concept and definition of network nodes in energy Internet, and models the energy Internet network structure by using graph theory; secondly, quantitative method is proposed based on threat propagation probability to calculate the node security situation, also a multi-node weighting method called LR-NodeRank is put forward to evaluate fusion network security situation. Finally, a security situation improvement based on the simplest threat graph is proposed to calculate the network border needed to reinforce. Experimental results show that the proposed method can accurately assess the security situation of multi-node network, and can also effectively carry out the border connections.

Key words: network node, multi-node network, threat propagation, security situation fusion, simplest threat graph

中图分类号: