Research On Network Security Assessment Technology Based On Attack Graph

With the popularity of computers and development of the need people sharing computer resource, computer network has been improved constantly and developed rapidly. Computer network has gradually shifted from a closed, proprietary network to an open, public network, and the participants of computer network are shifting from minority professionals to ordinary people. Followed by are more computer system’s vulnerabilities and more opportunity vulnerabilities exploited, and it undermines the security of computer systems greatly. By analyzing vulnerabilities existed in network and exploiting path of vulnerabilities explicitly, network security assessment provide a basis for optimization of network security. Currently, network security assessment has become one of the hot fields of network security.Firstly, the paper carried out a detailed study on existing network security assessment techniques, after analyzing the attack graph theoretical model, studied the attack graph model based on a relational database detailed and presented an attack graph based on graphical database, in order to solve the problem of generating large number of tables’ connection relationship in the process of establishing the attack graph in traditional means. Then the paper discussed the possibility of Markov Chain adapting on attack graph model, and improved the existing attack graph model based on extended Markov Chain, and made the difficulty of atomic attack as a criterion determining the state transition probabilities, in order to eliminate the subjectivity brought by traditional method determining the state transition probability by subjective experience. Then the paper improved the existing network security assessment methodology based on attack graph, and proposed to use basic indicators in vulnerability of CVSS to determine the success probability of atomic attack and the damaging score of state node in order to solve the problem of subjectivity brought by an expert scoring way to determine success atomic attack probability. Finally, the paper made experiments to verify the feasibility of attack graph model based on the graphic database, and analyzed the application of attack graph model based on extended Markov Chain, and made network security assessment on the experimental network.Finally, the paper pointed out some shortcomings of the proposed attack graph model, and indicated the working direction in the future.