基於攻擊圖形的混合式無線網路風險評估方法

Abstract

無線網路風險評估是無線安全領域中的關鍵技術之一。為了幫助管理者評估網路之安全程度，攻擊圖形以圖形化的表示方式來呈現分析結果，提供管理者在決策時的參考依據。近年來，許多學者利用層級程序分析法(Analytic Hierarchy Process Method，AHP)及模糊語意量測法(Fuzzy Linguistic Measure method)來處理風險評估的問題，其網路評估架構以3層為主，然而此架構並不能表示各種網路配置資訊對不同類型無線網路攻擊所造成的影響，再者，層級程序分析法適用在不隨環境變動的評估項與評估法則間建立判斷矩陣，對於會隨環境變動的評估項，其擴充性較差；模糊語意量測法較難從模糊集合中取得量化數值，無法提供精確的分析結果。因此，我們結合層級程序分析法及模糊語意量測法並加以改良，提出一套分析無線網路安全性的風險評估模型。在此模型中，我們定義了一個4階層的無線網路風險評估架構，從此架構中，我們透過分析法則來求得每個配置資訊在不同網路攻擊類型中的影響程度，並使用模糊權重平均法(Fuzzy Weight Average Method，FWA)來計算各攻擊類型的模糊平均集合；為了能夠取得各個攻擊類型數值化的風險等級，我們設計一個量化方法從模糊平均集合求得量化數值。之後便可結合層級程序分析法，以所定義的專家經驗為基礎來計算風險值。最後，我們利用兩個無線網路上常見的拓樸為範例，證明此風險評估模型的有效性與實用性並利用圖形化工具Graphviz產生攻擊圖形來描述其風險值。

Risk assessment of wireless networks is one of the crucial techniques in the area of wireless network security. A graph-based representation, called attack graph, has been developed to appear analytic results and support policies for administrators. Recently, the analytic hierarchy process (AHP) method and the fuzzy linguistic measure method have been applied to deal with risk assessment problems. The assessment architecture is based on 3 layers. However, the architecture can not represent influence of configurations on different attack types. In addition, the AHP method is hardly constructed judge matrixes if analysis items changed with network environment while the fuzzy linguistic measure method is hardly acquire quantifiable value from fuzzy set. Hence, we modify and combine the two methods to establish a new risk assessment model to analyze the security robustness of wireless networks. In the proposed model, we redefine 4-layer assessment architecture of wireless networks. From this architecture, we can obtain influential level of each configuration on different attack types through analysis rules and use the fuzzy weight average (FWA) method to calculate average fuzzy set of each attack type. In order to gather quantitative risk rating of each attack type, a quantitative method is designed to obtain value of average fuzzy set. Afterward the AHP method is applied to compute the risk value based on expert experience. Finally, two case studies are given to demonstrate validity and feasibility for risk assessment according to the proposed model. We also use the Graphviz tool to generate their attack graphs to describe the security robustness of these two examples.