Attack graphs, attack trees and attack nets are important modeling methods for testing and evaluating network security, but these methods are unordered during modeling and lack pertinence when choosing attacks. To overcome these shortcomings, this paper takes the vulnerabilities present in the target network as the leaf nodes of a tree and the exploit attack methods as the edges between nodes, and models attacks separately against the security attributes of each host. After comprehensively analyzing the outcome efficiency and time efficiency of attacks, we present an efficiency-priority approach to vulnerability tree modeling of host security attributes. Finally, the feasibility and validity of the approach are verified through worked examples.