Research on Security Evaluation Techniques for Network Systems
Abstract
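In recent years, Internet technology has developed rapidly, and computer networks play an increasingly important role in politics, the economy, the military, social life and other fields. However, while network technology brings endless convenience to people's lives and work, the openness and interconnection of computer networks have also made network attacks more common, and network security problems have attracted wide attention. In a real network environment, security risk inevitably exists. To keep the network running normally, the security weaknesses present in the network must be actively identified and analyzed, and appropriate measures must be taken on the basis of the analysis to reduce the risk. How to evaluate network security accurately is therefore especially important and has become one of the research hotspots in the field of network security. From a technical perspective, this paper studies in depth the key technologies involved in network system security evaluation, such as vulnerability assessment and attack threat assessment. The work covers the following four aspects:
     First, modeling methods for network vulnerability are studied. To meet the two needs of analyzing the security of a single target and the security of the network as a whole, a depth-first attack graph generation method, DFAGG, and a breadth-first attack graph generation method, BFAGG, are proposed. Given an attack target, DFAGG searches the correlations that exist between network vulnerabilities using a depth-first strategy, and on that basis constructs the attack paths that can reach the target state. BFAGG uses a breadth-first strategy to search all the network security states an attacker can reach. Both methods also introduce optimization strategies that limit the number of attack steps and the success probability of attack paths, and the effect of these strategies on the accuracy of attack graph analysis results is analyzed through mathematical calculation and experimental simulation.
     Second, analysis methods for network vulnerability are studied. By introducing concepts such as the state node attraction coefficient, methods for calculating the reachability of state nodes and of vulnerabilities in an attack graph are given. On this basis, a quantitative network vulnerability assessment method based on vulnerability correlation and security requirements is proposed. The method first uses the attack graph to calculate the reachability of each vulnerability. It then calculates the effect of each vulnerability on the confidentiality, integrity and availability of hosts. Finally, it assesses the security of hosts and of the network according to the hosts' security requirements. This paper also proposes a quantitative method for formulating network security enhancement strategies. This method first calculates the effect on network security of the attacker reaching each network state, then derives the effect of each security element on network security, and finally removes security elements on a maximum-influence-first basis.
     Third, assessment methods for network attack threats are studied. A network threat assessment method based on the hidden Markov model is proposed. A hidden Markov model for assessing the threat status of hosts in real time is built. The formula for the state transition probability distribution in the Baum-Welch training algorithm is improved, and the improved training algorithm is used to estimate the model parameters. The model is used to calculate the probability that a host is in an attacked state at each moment, and the threat indices of hosts and of the network are assessed by combining this probability with host asset value and the severity of attack events. Secondary processing of the real-time threat indices yields threat situation curves for hosts and the network, from which the pattern of change in the threat situation can be understood.
     Finally, for large-scale network environments with multiple administrative domains, a distributed network security evaluation system, DNSES, is designed and implemented. DNSES consists of managers, analyzers and information collectors, and the three kinds of component are related hierarchically. To fuse the assessment results of multiple administrative domains, cooperation between analyzers in different administrative domains is established through a directory server. The system incorporates the key technologies studied in the preceding chapters, can analyze the vulnerabilities present in the target network and the attack threats it faces, and fuses these analysis results through logical reasoning to achieve a comprehensive evaluation of the target network's security.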
With the rapid development of Internet technologies in recent years, computer networks have played an increasingly important role in politics, the economy, the military, and social life. Although network technologies bring endless convenience to people's lives and work, the openness and interconnection of networks make network attacks more common, and network security problems have attracted wide attention. Risk always exists in a real network environment. To ensure the normal operation of networks, the hidden security risks in them must be identified and analyzed, and proper measures must be adopted to reduce the risk according to the analysis results. How to evaluate the security of a network accurately has therefore become an important problem and one of the research focuses in the field of network security. From a technical perspective, this paper studies in depth the key technologies of vulnerability assessment and attack threat assessment involved in network security evaluation. It mainly covers the following:
     First, we study modeling methods for network vulnerability. To analyze both the security of a single target and the overall security of a network, a depth-first attack graph generation method (DFAGG) and a breadth-first attack graph generation method (BFAGG) are proposed. Given an attack target, the DFAGG algorithm searches the correlations between network vulnerabilities depth-first and constructs attack graphs according to those correlations. The BFAGG algorithm searches breadth-first for all the network states an attacker can reach. Both methods adopt strategies that limit the number of attack steps and the success probability of attack paths. The effects of these optimization strategies on the accuracy of evaluation results are analyzed by mathematical calculation and experiments.
     Second, we study analysis methods for network vulnerability. By introducing the definition of the state node attraction coefficient, a method for calculating the reachability of state nodes and vulnerabilities in attack graphs is presented. On this basis, a quantitative assessment method for network security based on vulnerability correlation and security requirements is proposed. The method first calculates vulnerability reachability using attack graphs. Then the effects of vulnerabilities on the availability, confidentiality and integrity of hosts are calculated. Finally, the security of hosts and of the network is assessed based on the security requirements. In addition, a quantitative method for formulating network security enhancement strategies is proposed. The method first calculates the effects on network security of the network states the attacker reaches. Then the effects of security elements on network security are calculated. Finally, security elements are removed in order of maximum influence degree.
     Third, we study assessment methods for network threat. A method for real-time assessment of network threat based on the Hidden Markov Model (HMM) is proposed. Algorithms for calculating the threat indices of hosts and networks are presented. The Baum-Welch algorithm is used to estimate model parameters, improving the automation of the evaluation process. The model is used to calculate the probability that hosts are in attacked states, and threat indices are assessed from this probability, host values and the importance of attack events. Threat situation curves of hosts and networks are obtained by secondary processing of the threat indices, and the pattern of variation in the threat situation is found from the curves.
     Finally, for large-scale network environments with multiple administrative domains, a distributed network security evaluation system (DNSES) is designed and implemented. The system consists of three parts: manager, analyzer, and information collector. The three parts are related hierarchically. To fuse the assessment results of multiple administrative domains, a cooperative relation between analyzers in different administrative domains is established through a directory server. The system incorporates the key technologies described in the preceding chapters. It can analyze the vulnerability of and the threat to target networks, and comprehensively evaluate the security of the network through logical reasoning.
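An added illustration of the breadth-first attack graph generation with step and path-probability limits that the abstract describes; it is not the BFAGG code from the thesis. The fact/exploit model, the host names and the probabilities are constructed assumptions.

```python
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Exploit:
    name: str
    requires: frozenset  # attacker facts needed before the step
    grants: str          # attacker fact gained if the step succeeds
    prob: float          # assumed success probability of the step


# Constructed sample model (hypothetical hosts, weaknesses and probabilities).
INITIAL = {"user@attacker"}
EXPLOITS = [
    Exploit("web_rce", frozenset({"user@attacker"}), "user@web", 0.8),
    Exploit("web_lpe", frozenset({"user@web"}), "root@web", 0.5),
    Exploit("db_weak_auth", frozenset({"user@web"}), "user@db", 0.6),
    Exploit("db_lpe", frozenset({"user@db"}), "root@db", 0.5),
    Exploit("files_trust", frozenset({"root@web"}), "user@files", 0.9),
]


def bfs_attack_graph(initial, exploits, max_steps=None, min_prob=0.0):
    """Enumerate reachable attacker states breadth-first.

    A state is the set of facts the attacker holds; every step adds one
    fact, so a state's depth is its number of attack steps. Returns
    (best, edges): best maps each state to the highest path probability
    found, edges holds (state, exploit name, next state) triples.
    """
    start = frozenset(initial)
    best = {start: 1.0}
    edges = set()
    queue = deque([(start, 0, 1.0)])
    while queue:
        state, depth, prob = queue.popleft()
        if prob < best[state]:
            continue  # stale entry: a more probable path was queued later
        if max_steps is not None and depth >= max_steps:
            continue  # step limit: do not extend paths beyond max_steps
        for e in exploits:
            if e.grants in state or not e.requires <= state:
                continue  # nothing new to gain, or precondition unmet
            p = prob * e.prob
            if p < min_prob:
                continue  # probability limit: drop unlikely paths
            nxt = state | {e.grants}
            edges.add((state, e.name, nxt))
            if p > best.get(nxt, -1.0):
                best[nxt] = p
                queue.append((nxt, depth + 1, p))
    return best, edges


def reach_probability(best, fact):
    """Highest path probability over all states that contain `fact`."""
    return max((p for s, p in best.items() if fact in s), default=0.0)


if __name__ == "__main__":
    for label, kw in [("no limit", {}), ("max 2 steps", {"max_steps": 2}),
                      ("path prob >= 0.3", {"min_prob": 0.3})]:
        best, edges = bfs_attack_graph(INITIAL, EXPLOITS, **kw)
        print(f"{label}: {len(best)} states, {len(edges)} edges, "
              f"P(root@db) = {reach_probability(best, 'root@db'):.2f}")
```

On this sample both limits shrink the graph but also hide the three-step path to `root@db`, which is the accuracy trade-off the abstract says the thesis analyzes.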