Abstract: In order to improve the current network security evaluation systems, a novel evaluation algorithm, called the quantitative network security evaluation based on attack-defense confrontation, is proposed in this paper. In this algorithm, the traditional risk assessment is combined with network environment factors such as the network running status, asset security characteristics and so on, and several quantitative indexes are extracted based on the analysis of factors which can affect the LAN's security situation. Then, evaluations are made based on a classification of attacks. Experiment results show that the novel algorithm can be used to extract situation information more objective and detailed so the security administrator may form a clearer picture for the LAN's security situation.
|
Received: 22 August 2008
|
|
|
|