The invention discloses a network risk assessment method based on an asset association graph, comprising the following steps of: establishing an asset association graph for a network system; for eachnode in the asset association graph, constituting primary threat events for attacks initiated from a source node to a target node; regarding the product of the probability of occurrence of the primarythreat events and the caused asset loss as an asset risk value of the primary threat events; calculating the asset risk value of each primary threat event faced by the nodes; performing the risk assessment on the network system, including the asset-level risk value, the host equipment level risk value and the system level risk value; wherein the sum of the asset risk values of all the primary threat events faced by the same node is taken as an asset level risk value; the sum of the asset level risk values of all the assets contained in the same host equipment is taken as a host equipment level risk value; and the weighted sum of the host equipment level risk values for all the host equipment contained in the network system is taken as a system level risk value. The invention has relatively high accuracy.