With the rapid development and wide use of computer networks, especially in recent years, networks have become increasingly open, shared and interconnected, and they make people's lives more and more convenient. At the same time, however, network security incidents of many kinds occur more and more often, and people have begun to pay more attention to network security issues. To understand the security status of network systems and to evaluate and predict the network's security posture more accurately, network security situation assessment techniques have been proposed and have become a hot research topic in the field of network security.

Network security situation assessment is a new generation of information security technology that can proactively protect the network system, given the complexity, lack of boundaries and multi-source heterogeneity of current network systems. Research on network security situation assessment techniques is of great significance for discovering vulnerabilities and potential threats in the network system, enhancing the emergency response capacity of the network system, and easing the damage caused by network attacks. At present, domestic and international research in this field is in its infancy: there are no unified, recognized standards, the research focuses differ, and most studies are confined to theory or simulation.

First, based on an analysis of the current development of network security posture assessment at home and abroad, this paper makes an in-depth study of the key technologies of network security posture assessment and points out its advantages over traditional network security technologies. Then, combining the characteristics of the network system itself, it establishes a hierarchical conceptual model for the quantitative assessment of the network security situation and gives a security posture assessment framework. Next, it analyzes the impact of the various network security elements on the overall security of the network system, establishes a quantitative evaluation index system for the network security situation, and summarizes the quantification formulas, evaluating the network security system from three aspects: the asset importance index, the vulnerability index and the threat index. Then, on the basis of the evaluation of the current network security posture, and using the nonlinear characteristics of the time series of network security situation values obtained from the quantitative assessment, it puts forward a trend forecasting method based on the Elman neural network, builds a prediction model, and gives the prediction steps and the prediction algorithm.

On the basis of this work on network security posture assessment and prediction models and the research on quantitative assessment methods, this paper designs and implements a network security situation assessment prototype system on the Matlab and Microsoft Visual Studio 2008 development platforms, including the system management module, resource monitoring module, asset identification module, threat detection module, security trend assessment module, and trend forecasting and report output module.

Finally, the network security posture assessment prototype system is tested in a lab environment, and the test results are analyzed.

The innovations of this paper are as follows:

1. A network security situation assessment framework and quantitative evaluation index are established, and a network security situation assessment prototype system is designed and implemented.
2. A prediction model for the network security situation based on the Elman neural network is established. The prediction algorithm and forecasting process are researched and implemented, and the validity of the model is verified with practical examples.