网络安全风险评估方法研究综述

doi:10.16180/j.cnki.issn1007-7820.2024.03.002

摘要/Abstract

摘要：

网络安全风险评估是构建网络空间安全体系的重要环节,可以有效保护个人和组织机构避免受到网络安全攻击。文中简要概述了网络安全风险评估理论,重点介绍了目前主流的网络安全风险评估方法,并根据不同的方法性质对现有方法进行分类和对比,分析了各方法的优缺点以及适用范围。在此基础上,文中归纳提取出对网络安全评估结果产生影响的因素并对网络安全评估领域未来的研究重点进行提议。分析结果表明,关联性和评估指标的不确定性以及评估过程的实时性这3个因素是影响风险评估效果的主要因素,并给未来的风险评估方法研究提供了参考依据。

关键词: 风险评估, 定性分析, 定量分析, 指标体系, 评估模型, 关联性, 实时性, 不确定性

Abstract:

Cybersecurity risk assessment is an important part of building a cyberspace security system, which can effectively protect individuals and organizations from the risk of cybersecurity attacks.This study briefly outlines the theory of cybersecurity risk assessment, emphatically introduces the current mainstream cybersecurity risk assessment methods, and classifies and compares the existing methods according to their different nature, analyzes the advantages, disadvantages and application scope of each method.On this basis, this study summarizes and extracts the factors that have an impact on the cybersecurity assessment results and proposes future research priorities in the field of cybersecurity assessment. The analysis results show that the three factors of correlation, uncertainty of assessment indexes and real-time of assessment process are the main factors affecting the effect of risk assessment, and it provides a reference for the research of risk assessment methods in the future.

Key words: risk assessment, qualitative analysis, quantitative analysis, index system, evaluation models, correlation, real-time, uncertainty

中图分类号:

TP393

吴嘉诚, 余晓. 网络安全风险评估方法研究综述[J]. 电子科技, 2024, 37(3): 10-17.

WU Jiacheng, YU Xiao. A Review of Research on Cybersecurity Risk Assessment Methods[J]. Electronic Science and Technology, 2024, 37(3): 10-17.

图/表 2

图1

表1

参考文献 46

[1]	Yulia C, Pete B, Adfrew B, et al. A review of cyber security risk assessment methods for SCADA systems[J]. Computers & Security, 2016, 56(9):1-27. doi: 10.1016/j.cose.2015.09.009
[2]	Jahl C. The information technology security evaluation criteria[C]. Ottobrunn: Proceedings of the Thirteenthth International Conference on Software Engineering IEEE Computer Society, 1991:892-901.
[3]	Dotsenko S, Illiashenko O, Kamenskyi S, et al. Integrated model of knowledge management for security of information technologies: standards ISO/IEC 15408 and ISO/IEC 18045[J]. Information & Security, 2019, 43(1):305-317.
[4]	范红. 信息安全风险评估规范国家标准理解与实施[M]. 北京: 中国标准出版社, 2008:56-73.
	Fan Hong. Understanding and implementation of national standards for information security risk assessment[M]. Beijing: Standards Press of China, 2008:56-73.
[5]	张利, 彭建芬, 杜宇鸽, 等. 信息安全风险评估的综合评估方法综述[J]. 清华大学学报(自然科学版), 2012, 52(10):1364-1369.
	Zhang Li, Peng Jianfen, Du Yuge, et al. Information security risk assessment survey[J]. Journal of Tsinghua University(Science and Technology), 2012, 52(10):1364-1369.
[6]	孙雨生, 廖盼. 国内知识服务评价核心技术研究进展[J]. 计算机与数字工程, 2019, 47(12):3045-3052.
	Sun Yusheng, Liao Pan. Research development on core technology of knowledge service evaluation in China[J]. Computer & Digital Engineering, 2019, 47(12):3045-3052.
[7]	李金城. 故障树分析及其应用[J]. 电气时代, 1992(11):18-19.
	Li Jincheng. Fault tree analysis and its application[J]. Electric Age, 1992(11):18-19.
[8]	Brday S R. Utilizing and adapting the delphi method for use in qualitative research[J]. International Journal of Qualitative Methods, 2015, 14(5):1-6.
[9]	王增光, 卢昱, 陈立云. 网络安全风险评估方法综述[J]. 飞航导弹, 2018(4):62-66,73.
	Wang Zengguang, Lu Yu, Chen Liyun. A review of network security risk assessment methods[J]. Aerospace Technology, 2018(4):62-66,73.
[10]	刘东伟. 基于入侵监测的网络信息安全管理技术[J]. 电子科技, 2019, 32(12):68-71.
	Liu Dongwei. Network information security management technology based on intrusion monitoring[J]. Electronic Science and Technology, 2019, 32(12):68-71.
[11]	文志诚, 陈志刚, 唐军. 基于聚类分析的网络安全态势评估方法[J]. 上海交通大学学报, 2016, 50(9):1407-1414.
	Wen Zhicheng, Chen Zhigang, Tang Jun. Network security assessment method based on cluster analysis[J]. Journal of Shanghai Jiaotong University, 2016, 50(9):1407-1414.
[12]	杨武俊. 多层次模糊综合评判法在信息安全风险评估中的应用[J]. 网络安全技术与应用, 2013(11):33-34.
	Yang Wujun. Applying multilevel fuzzy comprehensive evaluation in information security risk assessment[J]. Network Security Technology & Application, 2013(11):33-34.
[13]	Li W, Liang Y, Wang W, et al. Research on security risk assessment based on the improved FAHP[C]. Wuhan:IOP Conference Series: Materials Science and Engineering, 2020:753-760.
[14]	吴文刚, 张志文, 王庆生. 基于模糊综合评判和AHP信息安全风险评估模型[J]. 重庆理工大学学报(自然科学), 2017, 31(7):156-161.
	Wu Wengang, Zhang Zhiwen, Wang Qingsheng. A information security risk assessment model based on AHP and fuzzy comprehensive evaluation[J]. Journal of Chongqing Institute of Technology, 2017, 31(7):156-161.
[15]	Yi B, Cao Y P, Song Y. Network security risk assessment model based on fuzzy theory[J]. Journal of Intelligent & Fuzzy Systems, 2020, 38(4):3921-3928.
[16]	王姣, 范科峰, 莫玮. 基于模糊集和DS证据理论的信息安全风险评估方法[J]. 计算机应用研究, 2017, 34(11):3432-3436.
	Wang Jiao, Fan Kefeng, Mo Wei. Method for information security risk assessment based on fuzzy set theory and DS evidence theory[J]. Application Researchof Computers, 2017, 34(11):3432-3436.
[17]	Dempster A P. Upper and lower probabilities inducedby a multivalued mapping[J]. Annals of Mathematical Statistics, 1967, 38(2):325-339. doi: 10.1214/aoms/1177698950
[18]	Zhao X, Pei M, Wu M, et al. A method of network security risk measurement based on improved DS evidence theory[C]. Beijing:Journal of Physics:Conference Series, 2020:116-127.
[19]	汤永利, 李伟杰, 于金霞, 等. 基于改进D-S证据理论的网络安全态势评估方法[J]. 南京理工大学学报, 2015, 39(4):405-411.
	Tang Yongli, Li Weijie, Yu Jinxia, et al. Network security situational assessment method based on improved D-S evidence theory[J]. Journal of Nanjing University of Science and Technology, 2015, 39(4):405-411.
[20]	Dong H, Zhao J, Yang X, et al. Combination of D-AHP and grey theory for the assessment of the information security risks of smart grids[J]. Mathematical Problems in Engineering, 2020(10):1-14.
[21]	黎学斌, 范九伦, 刘意先. 基于AHP和CVSS的信息系统漏洞评估[J]. 西安邮电大学学报, 2016, 21(1):42-46.
	Li Xuebin, Fan Jiulun, Liu Yixian. On information system vulnerabilities assess based on analytic hierarchy process and common vulnerability score system[J]. Journal of Xi'an University of Posts and Telecommunications, 2016, 21(1):42-46.
[22]	江洋, 李成海. 基于灰色层次模型的计算机网络安全评估[J]. 测控技术, 2017, 36(10):109-113.
	Jiang Yang, Li Chenghai. Computer network security assessment based on grey hierarchy model[J]. Measurement & Control Technology, 2017, 36(10):109-113.
[23]	高阳, 罗军舟. 基于灰色关联决策算法的信息安全风险评估方法[J]. 东南大学学报(自然科学版), 2009, 39(2):225-229.
	Gao Yang, Luo Junzhou. Information security risk assessment based on grey relational decision-making algorithm[J]. Journal of Southeast University(Natural Science Edition), 2009, 39(2):225-229.
[24]	Schneier B. Attack trees[J]. Doctor Dobbs Journal, 1999, 24(12):21-29.
[25]	王赛娥, 刘彩霞, 刘树新, 等. 一种基于攻击树的4G网络安全风险评估方法[J]. 计算机工程, 2021, 47(3):139-146,154. doi: 10.19678/j.issn.1000-3428.0057483
	Wang Sai'e, Liu Caixia, Liu Shuxin, et al. A method of 4G network security risk assessment based on attack tree[J]. Computer Engineering, 2021, 47(3):139-146,154. doi: 10.19678/j.issn.1000-3428.0057483
[26]	Wang S, Ding L, Sui H, et al. Cybersecurity risk assessment method of ICS based on attack-defense tree model[J]. Journal of Intelligent and Fuzzy Systems, 2021(10):1-14.
[27]	潘刚, 米士超, 郭荣华, 等. 基于攻击树和CVSS的网络攻击效果评估方法[J]. 电子技术应用, 2022, 48(4):76-80.
	Pan Gang, Mi Shichao, Guo Ronghua, et al. Evaluation method of network attack effect based on attack tree and CVSS[J]. Application of Electronic Technique, 2022, 48(4):76-80.
[28]	Maciel R, Araujo J, Dantas J, et al. Impact of a DDoS attack on computer systems: An approach based onan attack tree model[C]. Vancouver: Annual IEEE International Systems Conference, 2018:1023-1028.
[29]	Phillips C, Swiler L P, Galyor T, et al. A graph-based system for network-vulnerability analysis[C]. Albuquerque: Proceedings of the Workshop on New Security Paradigms, 1998:2118-2125.
[30]	Sheyner O, Haines J, Jha S, et al. Automated generation and analysis of attack graphs[C]. Berkeley: Proceedings IEEE Symposium on Security and Privacy, 2002:98-105.
[31]	Wang L, Yao C, Singhal A, et al. Interactive analysis of attack graphs using relational queries[C]. Berlin:IFIP Annual Conference on Data and Applications Security and Privacy, 2006:308-313.
[32]	Zhang Fan, Bu Bing. A cyber security risk assessment method ology for CBTC systems based on complex network theory and attack graph[C]. Guiyang: The Seventh Annual International Conference on Network and Information Systems for Computers, 2021:39-45.
[33]	Semertzis I, Rajkumar V S, Stefanov A, et al. Quantitative risk assessment of cyber attacks on cyber-physical systems using attack graphs[C]. Milan: The TenthWorkshop on Modelling and Simulation of Cyber-Physical Energy Systems, 2022:124-136.
[34]	王虎, 柳岩妮. 基于模糊Petri网的电力信息系统网络安全态势评估[J]. 电力安全技术, 2020, 22(8):5-8.
	Wang Hu, Liu Yanni. Security situation assessment of power information system based on fuzzy Petri net[J]. Electric Safety Technology, 2020, 22(8):5-8.
[35]	高翔, 祝跃飞, 刘胜利, 等. 基于模糊Petri网的网络风险评估模型[J]. 通信学报, 2013, 34(S1):126-132.
	Gao Xiang, Zhu Yuefei, Liu Shengli, et al. Risk assessment model based on fuzzy Petri nets[J]. Journal on Communications, 2013, 34(S1):126-132.
[36]	Chen Y Y, Xu B, Long J. Information security assessment of wireless sensor networks based on Bayesian attack graphs[J]. Journal of Intelligent & Fuzzy Systems, 2021, 41(3):4511-4517.
[37]	Poolsappasit N, Dewri R, Ray I. Dynamic security risk management using Bayesian attack graphs[J]. IEEE Transactions on Dependable and Secure Computing, 2011, 9(1):61-74. doi: 10.1109/TDSC.2011.34
[38]	Flores M, Heredia D, Andrade R, et al. Smart home IoT network risk assessment using Bayesian networks[J]. Entropy, 2022, 24(5):668-673. doi: 10.3390/e24050668
[39]	Wei L. Application of Bayesian algorithm in risk quantification for network security[J]. Computational Intelligence and Neuroscience, 2022(7):1-10.
[40]	Lv X, Shi N, Wei J, et al. Information system security risk assessment based on entropy weight method-Bayesian network[C]. Haikou: International Conference on Frontiers in Cyber Security, 2021:689-695.
[41]	Luo Z, Xu R, Wang J, et al. A dynamic risk assessment method based on Bayesian attack graph[J]. International Journal of Network Security, 2022, 24(5):787-796.
[42]	李世斌, 李婧, 唐刚, 等. 基于HMM的工业控制系统网络安全状态预测与风险评估方法[J]. 信息网络安全, 2020, 20(9):57-61.
	Li Shibin, Li Jing, Tang Gang, et al. Method of network security states prediction and risk assessment for industrial control system based on HMM[J]. Netinfo Security, 2020, 20(9):57-61.
[43]	Hu J, Guo S, Kuang X, et al. I-HMM-based multidime-nsional network security risk assessment[J]. IEEE Access, 2019(8):1431-1442.
[44]	王增光, 卢昱, 赵东昊. 基于隐马尔科夫模型的网络安全风险评估方法[J]. 空军工程大学学报(自然科学版), 2019, 20(3):71-76.
	Wang Zengguang, Lu Yu, Zhao Donghao. Network security risk assessment method based on hidden Markov model[J]. Journal of Air Force Engineering University(Natural Science Edition), 2019, 20(3):71-76.
[45]	Wang C, Li K, He X. Network risk assessment based on Baum welch algorithm and HMM[J]. Mobile Networks and Applications, 2021, 26(4):1630-1637. doi: 10.1007/s11036-019-01500-7
[46]	Zhang T, Zhao K, Yang M, et al. Research on privacy security risk assessment method of mobile commerce based on information entropy and Markov[J]. Wireless Communications and Mobile Computing, 2020(7):1-11.

综合评估方法分类	具体方法	方法描述	优点	缺点
基于指标体系的风险评估方法	模糊综合分析法	将定性评价转为定量评价	可解决不确定性问题	无法解决指标相互影响带来的权重问题
	D-S证据理论分析法	融合多源数据和信息得到评估结果	所需先验数据易获得, 可表达不确定信息	证据必须相互独立,计算上存在指数爆炸问题
	层次分析法	建立多层次分析结构模型	系统性进行决策,所需定量数据信息较少	评估结果主观性较强
	灰色理论评估法	处理不确定性和模糊性的因素	适用于信息不完整、数据量小的系统	评估结果准确性受制于评估系数的确定
基于模型的风险评估方法	攻击树模型	以攻击者为中心,层次化分析攻击行为	模型简单,图形化描述便于量化评估	建模效率低,不够灵活
	攻击图模型	描述系统脆弱点和攻击行为的关联	将攻击行为和系统变化结合,评估更全面	较为复杂,不利于后续分析和量化
	Petri网模型	综合考虑攻防因素	直观表现系统的状态变化	在评估大型系统时会出现信息缺失的情况
	贝叶斯网络	概率论与图论相结合评估网络	反映安全事件的推理过程	存在组合爆炸问题, 不适用于复杂网络
	隐马尔科夫	动态的评估安全事件和网络状态	建模复杂度可控,实时性观测安全状态	需要对多种属性进行量化, 需要的先验知识多