Method for router online security risk assessment quantification

被引：0

作者：

Department of Information Transmission, Xi'an Communications Institute, Xi'an 710106, China ^{[1
]}

不详 ^{[2
]}

机构：

[1] Department of Information Transmission, Xi'an Communications Institute

[2] Administration Office for Graduate Students, Xi'an Communications Institute

来源：

Yang, J.-G. | 1600年 / Editorial Board of Journal on Communications卷 / 34期

关键词：

Online monitoring; Risk assessment; Router security; Threat situation;

D O I：

10.3969/j.issn.1000-436x.2013.11.008

中图分类号：

学科分类号：

摘要：

The concept of router safety performance was proposed based on the nature of router security issues and router attacks were classified. Then a method for router online security risk assessment quantification was also presented. The security risk factor of service decline was calculated by router bandwidth consumption and average CPU usage and the security risk factor of privilege escalation was calculated by the possibility of threat occurrence and severity based on the router attack classification. The router security threat status was evaluated combining weighting the importance of router and the security risk factor. The experiment results show the method is effective in calculating the quantitive risk of the router and helpful for administrators to assess security risks.

引用

页码：59 / 70

页数：11

共 23 条

[1] Long M., Xia J.B., Zhang Z.Y., Et al., Network security assessment based on node correlated HMM, Journal of Beijing University of Posts and Telecommunications, 33, 6, pp. 121-124, (2010)
[2] Zhang B.W., Luo Z., Xue Z., Et al., A network risk assessment model based on network global priviliege graph, Journal of Shanghai Jiaotong University, 44, 9, pp. 1197-1200, (2010)
[3] Stijn V.C., Threat modeling for web application using the STRIDE model, (2004)
[4] Fu Y., Wu X.P., Ye Q., Approach for information systems security situation evaluation using improved FAHP and Bayesian network, Journal on Communications, 30, 9, pp. 135-140, (2009)
[5] Nguyen H.V., Choi Y., Proactive detection of DdoS attacks utilizing k-NN classifier in an anti-DDos framework, International Journal of Electrical, 4, 4, pp. 247-252, (2010)
[6] Xie B.L., Yu S.Z., Application layer real-time proactive defense system based on application layer protocol analysis, Chinese Journal of Computers, 34, 3, pp. 452-463, (2011)
[7] Li Z.F., Using support vector machines to enhance the performance of Bayesian face recognition, IEEE Transactions on Information Forensics and Security, 2, 2, pp. 174-180, (2007)
[8] Mcnab C., Network Security Assessment, (2007)
[9] Zhang Y.Z., Fang B.X., Chi Y., Survey and evaluation on computer vulnerability database, Computer Science, 33, 8, pp. 19-21, (2006)
[10] Zhou L., Li J.E., Lu T.B., Et al., Research on quantitative assessment model on vulnerability risk for information system, Journal on Communications, 30, 2, pp. 71-76, (2009)

← 1 2 3 →