{"title":"网络安全综合评估","authors":"Suleyman Kondakci","doi":"10.1109/IAS.2008.59","DOIUrl":null,"url":null,"abstract":"This paper presents a new concept of security assessment methodology while promoting several areas of its application. Attack pattern analysis, network security monitoring locally or remotely are the major application areas of this concept. Instead of testing each asset or a network node separately by applying repetitive attacks and assessments, the composite system generates and executes attacks once, composes risk data, and uses the risk data for the entire network in order to perform the overall assessment. This unique approach can be used as a model to guide development of intrusion detection systems, intelligent network security analysis, monitoring systems, and also as a complementary function in information security test and evaluation laboratories.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"A Composite Network Security Assessment\",\"authors\":\"Suleyman Kondakci\",\"doi\":\"10.1109/IAS.2008.59\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents a new concept of security assessment methodology while promoting several areas of its application. Attack pattern analysis, network security monitoring locally or remotely are the major application areas of this concept. Instead of testing each asset or a network node separately by applying repetitive attacks and assessments, the composite system generates and executes attacks once, composes risk data, and uses the risk data for the entire network in order to perform the overall assessment. This unique approach can be used as a model to guide development of intrusion detection systems, intelligent network security analysis, monitoring systems, and also as a complementary function in information security test and evaluation laboratories.\",\"PeriodicalId\":103328,\"journal\":{\"name\":\"2008 The Fourth International Conference on Information Assurance and Security\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-09-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 The Fourth International Conference on Information Assurance and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IAS.2008.59\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 The Fourth International Conference on Information Assurance and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IAS.2008.59","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
This paper presents a new concept of security assessment methodology while promoting several areas of its application. Attack pattern analysis, network security monitoring locally or remotely are the major application areas of this concept. Instead of testing each asset or a network node separately by applying repetitive attacks and assessments, the composite system generates and executes attacks once, composes risk data, and uses the risk data for the entire network in order to perform the overall assessment. This unique approach can be used as a model to guide development of intrusion detection systems, intelligent network security analysis, monitoring systems, and also as a complementary function in information security test and evaluation laboratories.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
