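Abstract (Chinese): MulVAL is an attack graph generation tool for vulnerability assessment, built on two assumptions that are hard to achieve in reality. To solve this problem, an improved vulnerability risk assessment framework based on MulVAL is proposed. First, the base score of the Common Vulnerability Scoring System (CVSS) is used to calculate the exploitability of vulnerabilities, addressing the shortcoming that MulVAL assumes by default that every vulnerability is 100% exploitable. Then, Bayesian theory is used to address the shortcoming that MulVAL assumes by default that vulnerabilities are independent of one another. For vulnerability quantification, because two or more attack paths may have similar or equal probabilities, the number of resources required to reach the attack target is used as a security metric to select the attack path the attacker is most likely to take. In addition, the defender should use both comprehensive and targeted vulnerability scanning tools to better understand the current state of the network.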
Abstract: MulVAL is an attack graph generation tool for vulnerability assessment. It is based on two assumptions that are hard to achieve in reality. To solve these problems, an improved MulVAL framework for vulnerability assessment is proposed. First, the base score of the Common Vulnerability Scoring System is used to calculate the exploitability of vulnerabilities, which addresses MulVAL's assumption that the exploitability of each vulnerability is 100%. Then, Bayesian theory is used to address MulVAL's assumption that each vulnerability is independent. Finally, because the probabilities of two or more attack paths may be similar or equal, the number of resources required to reach the attack target is also used as a security metric in this paper. It is necessary to find the path most likely to be adopted by the attacker. The defender should use both comprehensive and targeted vulnerability scanners to achieve a better understanding of the current network status.
Keywords: MulVAL; attack graph; common vulnerability scoring system; Bayesian theory; the number of resources; vulnerability risk assessment
Article ID: 20210607 CLC number: TP309 Document code:
LI Hongjiao, HE Wenhao, LI Jinguo. An Improved Vulnerability Assessment Framework Based on MulVAL[J]. Journal of Shanghai University of Electric Power, 2021, 37(6): 557-562, 566.
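An added illustration of the path ranking the abstract describes (not code from the paper or from MulVAL). It assumes exploit probability is the CVSS base score divided by 10, treats each step's probability as conditional on the previous step succeeding, and breaks near-ties by the number of distinct resources a path needs; the paths, scores, resource names and the 0.05 tolerance are constructed.

```python
from math import prod

# Constructed sample data (not from the paper): candidate attack paths to one
# target. Each step is (exploit name, CVSS base score, resources the attacker
# must hold to attempt it).
PATHS = {
    "web->db": [
        ("web_rce", 9.0, {"dmz_access"}),
        ("db_sqli", 8.0, {"web_shell", "db_port"}),
    ],
    "vpn->file->db": [
        ("vpn_bypass", 9.0, {"vpn_access"}),
        ("file_privesc", 10.0, {"vpn_session", "smb_port"}),
        ("db_weak_creds", 8.0, {"file_root", "db_port"}),
    ],
    "mail->db": [
        ("mail_phish", 5.0, {"mail_address"}),
        ("db_sqli", 8.0, {"workstation", "db_port"}),
    ],
}


def exploit_probability(base_score):
    """Assumed mapping: CVSS base score (0-10) scaled to a probability."""
    if not 0.0 <= base_score <= 10.0:
        raise ValueError(f"CVSS base score out of range: {base_score}")
    return base_score / 10.0


def path_probability(steps):
    """Chain rule: each factor is P(step succeeds | previous step succeeded)."""
    return prod(exploit_probability(score) for _, score, _ in steps)


def resource_count(steps):
    """Distinct resources needed along the whole path."""
    return len(set().union(*(res for _, _, res in steps)))


def most_likely_path(paths, tolerance=0.05):
    """Highest-probability path; near-ties are broken by fewest resources."""
    if not paths:
        raise ValueError("no attack paths given")
    scored = {n: (path_probability(s), resource_count(s)) for n, s in paths.items()}
    best = max(p for p, _ in scored.values())
    tied = [n for n, (p, _) in scored.items() if best - p <= tolerance]
    return min(tied, key=lambda n: (scored[n][1], -scored[n][0], n))
```

With the sample data, the first two paths have the same probability and the shorter one is selected because it needs three resources instead of five.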