| 引用本文: |
-
何英,邱菡,王舜,任俊宇.面向任务的网络资源关联建模与影响评估综述[J].信息安全学报,已采用 [点击复制]
- he ying,qiu han,wang shun,ren jun yu.A Survey on Mission-Oriented Network Resource Dependency Modeling and Impact Assessment[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 网络信息系统为政府、企业及各类组织业务运转和任务执行提供重要支撑。面对日益频发的网络攻击,安全防御人员不仅要关注系统受损情况,更要关注业务是否能正常运转、任务是否可顺利执行。现有安全评估方法大部分只关注于网络系统本身的受损情况,难以对业务运转效能与任务执行效果进行科学评估。因此,亟须建立网络资源与任务的映射关系,开展面向任务执行目标的网络安全评估。当前面向任务的安全评估研究较少,已有成果多集中于军事领域且应用场景分散。为此,本文通过系统梳理相关文献,聚焦网络与任务关系建模及面向任务的安全评估方法两大核心研究方向。在模型方面,从支撑评估的角度,对比分析了基于不同技术构建的模型在场景刻画能力及评估计算支持能力方面的差异。在评估方法方面,从实际可用性角度对评估指标的含义、测量方法及取值范围进行归纳,并从功能角度剖析传播评估算法的共性特征,总结传播评估算法构建的一般规律。在此基础上,归纳出了面向任务的网络安全评估研究框架,基于该框架指出了当前模型、指标和算法存在的问题并提出相应的解决思路,最后从评估的整体视角提出了当前挑战与未来展望。 |
| 关键词: 网络安全评估 任务影响评估 任务风险评估 网络与任务建模 |
| DOI: |
| 投稿时间:2025-08-21修订日期:2025-10-26 |
| 基金项目:河南省自然科学基金资助项目(No.242300421415);河南省重大科技专项(No.221100240100) |
|
| A Survey on Mission-Oriented Network Resource Dependency Modeling and Impact Assessment |
|
he ying, qiu han, wang shun, ren jun yu
|
| (Information Engineering University) |
| Abstract: |
| Network information systems provide critical support for the operational activities and mission execution of governments, businesses, and various organizations. In the face of increasingly frequent cyberattacks, cybersecurity professionals must not only monitor system damage but also ensure that business operations remain unaffected and missions can be executed smoothly. Most existing security assessment methods focus solely on the damage to network systems themselves, making it difficult to conduct scientific evaluations of business operational efficiency and mission execution effectiveness. Therefore, it is urgent to establish a mapping relationship between network resources and missions and conduct network security assessments oriented toward mission execution objectives. Currently, there is limited research on mission-oriented security assessments, with existing findings primarily concentrated in the military domain and scattered across diverse application scenarios. This paper systematically reviews relevant literature, focusing on two core research directions: modeling the relationship between networks and missions, and developing mission-oriented security assessment methods. In terms of modeling, from an assessment support perspective, this paper compares and analyzes the differences in scenario depiction capabilities and assessment computational support capabilities among models constructed using different technologies. In terms of assessment methods, the paper summarizes the meaning, measurement methods, and value ranges of assessment indicators from the perspective of practical usability, and analyzes the common characteristics of propagation assessment algorithms from a functional perspective, summarizing the general principles for constructing propagation assessment algorithms. Based on this, the paper derives a research framework for mission-oriented cybersecurity assessments, identifies the issues with current models, indicators, and algorithms within this framework, and proposes corresponding solutions. Finally, the paper presents the current challenges and future prospects from an overall assessment perspective. |
| Key words: cyber security assessment mission impact assessment mission risk assessment network and mission model |
