Present-day network security management service is unable to provide useful security situation or risk estimation for administrators, or to help administrators to make right and timely decisions based on current state of the network security. These disadvantages lead to risks which exist in network security management applications and accordingly cause a loss. In this paper, we make use of the HoneyNet dataset and adopt statistic analysis to find the vulnerabilities of the services which the hosts provide in the network system. According to the network topology, the host layout and the relations among services, the paper presents a novel time-divided and hierarchical approach to achieve the current situation of network security. The approach can be applied to modeling security situation and achieve the expressions of the security situation of the network system. Coupled with the statistical data, the paper shows the simulation curves of the security situation in different periods through a great deal of calculation. The analysis of the simulation result proves the algorithm efficient and provides us for our future implementation with the academic foundation of the evaluation of the security situation.

• 出版日期2006
• 单位上海交通大学