To monitor the complex network attacks, a related vulnerabilities risk evaluating method is presented. Firstly, an attack graph is obtained as the basic data and the nodes are assigned value. Secondly, an optimized conditional probability calculation, based on Bayesian network theory, is proposed to evaluate the risk of related vulnerability on multiple attack routes. Then, the weighted average method is introduced to calculate the probability of certain vulnerability on a particular host, and finally, quantitative results are achieved. Experiment results show that this method can clearly and effectively express the security features of systems.

• 出版日期2011
• 单位university college london