COMPUTER SCIENCE
and ENGINEERING

Recently, network security is more and more important and the network security measure is the premise to build a robust and secure network. However, the methods of measuring the network security are limited. For example, the most methods are not comprehensive, which only consider a part of the network ignoring the overall network. Therefore, this paper proposes a new multi-layer, multi-dimensional and multi-granularity network model based on the attack graph and CVSS. The model divides the network into four layers. The four layers can measure the network security completely and effectively. For each layer, two dimensions are quantified. The measure value of each layer is rated score 0-10. In addition, this model takes the different network granularities into account, making the network security model more comprehensive. In order to examine the validity of the network model, this paper carries out two experiments by configuring five networks with different security configurations. It is found that this model not only can identify the network security level effectively but also can quickly locate the security problems.

Network security, Multi-layer, Multi-dimensional, Multi-granularity, Measurement.