针对传统安全威胁评估方法难以理解攻击渗透的相关性,且难以量化相关渗透对于网络环境的影响问题,结合攻击图渗透动作危害性、渗透相关性和主机业务重要性,提出双向威胁评估模型和计算方法,能衡量攻击的深入程度和对目标的威胁程度,最后提出了一个能应用于实时告警分析的攻击序列评估方法,并通过实验验证了所提模型的合理性和有效性. It is difficult to understand the correlation of attack penetration with traditional security threat assessment methods, and it is difficult to quantify the impact of related penetration on network environment. Combined with the hazard of penetration action, penetration correlation and the importance of host business, this paper proposes bi-directional threat assessment model and calculation The method can measure the depth of intrusion and the degree of threat to the target. Finally, an attack sequence evaluation method that can be applied to real-time alarm analysis is proposed. The validity and validity of the proposed model are verified by experiments.