Based on the research of domestic and foreign vulnerability assessment systems, in this paper, we propose an improved network security assessment method based on Immunity algorithm. It integrates the advantages of both host based and network based scan system. Our goal is to explore the known security vulnerabilities, and to check hosts’ security effectively as well. It has the features of self-adaptive, distributed, and real time. Therefore, it provides a good solution to risk assessment for network security.
The research of this dissertation focuses on the quantitative methodologies of the network security assessment. So the dissertation gives the term “Model-based network security risk assessment” a more meaningful definition. The methodology called a model-based will use one network security analysis model to design the scenarios of threatens according to the Patterns behaviors of vulnerabilities and threatens in the network. And then the risk assessment will be done under those scenarios. Following this new definition. The dissertation Proposes a Component-centric Access Graph Based Network Security Risk Assessment Model (Oc-AGNSRAM).
Intelligent network security assessment with modeling and analysis of attack patterns
