Abstract: Computer network is one of the largest and most widely used complex networks, how to improve the accuracy of network security evaluation and promote its practical applicability in large scale networks is the current research hotspot. This paper summarizes the research status and progress in attack model and vulnerability risk assessment. After that, this paper provides a new model which refines the attack graph node to component level and describes the interaction process between the components in the attack step in the form of a directed weighted graph to improve coarse grain size and limitations of the current attack graph. At the same time, through rigorous theoretical    deduction, this paper comes out the standard condition of controllability or partial probability controllability for complex attack network, and proves the relationship between the probability controllability and the traditional controllability. The analysis results and the examples show that, if valid defense existed, the complex networks can still provide      normal service function in the case of attack and damage. Besides, this paper gives out the concrete method for controlling network and defense node selection.

Key words:  attack graph, probability controllability, complex network, network security, vulnerability analysis

摘要： 计算机网络是当前规模最大，应用最广泛的复杂网络之一，如何提升网络安全评价的精准性，并推动其在大规模网络下的实用性是当前的研究热点。详细总结了攻击模型和脆弱性风险评估等方面的研究现状和进展，针对目前攻击图模型描述的粗粒度和局限性问题，细化攻击图节点至部件级，以有向加权图的直观形式刻画攻击步骤中部件之间的交互过程；同时通过严密的理论推演，得出了复杂攻击网络完全概率可控或者部分概率可控的准则条件，并论证了概率可控性与传统结构可控性的关系；分析结果及实例验证表明，若网络中存在着有效防御的节点，复杂网络仍可在遭受攻击破坏的情形下提供正常的服务功能，同时给出了防御节点选择及控制网络的具体方法。

关键词: 攻击图, 概率可控, 复杂网络, 网络安全, 脆弱性分析