A risk assessment model based on Petri Nets
This paper considers the real-time and dynamic network risk assessment method for information systems and networks. The networks/systems risk is evaluated using Petri nets model The model is constructed based on the mapping of networks/systems onto an attack graph, which takes to accurately determine the local traffic risk value of every participating router in the attack Petri graph. We address how locate and calculate the network risk, and eliminate potential attackers. We also present a novel Petri nets risk assessment algorithm. An important technical contribution is that our approach can determine the dangerous victim in the real-time, and get the potential attack trace. We have carried out experiments to illustrate the effectiveness and robustness of our method. Experiment results clearly show that we can locate the attackers in a short time, help user to improve the networks/systems security. This method can play an important role for network security assessment.
risk assessment Petri nets intrusion detection system vulnerability scan
Nian-dong LIAO Sheng-feng TIAN
School of Computer and Information Technology,Beijing Jiaotong University,Beijing 100044,China
国际会议
2008 International Conference on Risk and Relianility Management(2008风险与可靠性管理国际会议)
北京
英文
440-446
2008-11-10(万方平台首次上网日期,不代表论文的发表时间)