不完全信息下的威胁处置效果模糊评估

李凤华; 李勇俊; 杨正坤; 张晗; 张玲翠

doi:10.11959/j.issn.1000-436x.2019078

您当前的位置：

首页 >

文章列表页 >

不完全信息下的威胁处置效果模糊评估

学术论文 | 更新时间：2024-06-05

- 不完全信息下的威胁处置效果模糊评估
- Fuzzy evaluation for response effectiveness in cases of incomplete information
- 通信学报 2019年40卷第4期页码：117-127
- 作者机构：
  
  1. 中国科学院信息工程研究所，北京100093
  2. 中国科学院大学网络空间安全学院，北京 100049
  3. 通信网信息传输与分发技术重点实验室，河北石家庄 050081
- 作者简介：
  
  [ "李凤华（1966- ），男，湖北浠水人，博士，中国科学院研究员、博士生导师，主要研究方向为网络与系统安全、信息保护、隐私计算。" ]
  [ "李勇俊（1992- ），男，浙江丽水人，中国科学院博士生，主要研究方向为入侵响应、访问控制。" ]
  [ "杨正坤（1994- ），男，重庆人，中国科学院硕士生，主要研究方向为入侵响应。" ]
  [ "张晗（1996- ），女，安徽淮北人，中国科学院硕士生，主要研究方向为入侵检测与响应、访问控制。" ]
  [ "张玲翠（1986- ），女，河北固城人，中国科学院工程师、博士生，主要研究方向为网络安全、信息保护。" ]
- 基金信息：
  
  国家重点研发计划基金资助项目(2016YFB0801001);国家自然科学基金资助项目(61672515)
- DOI：10.11959/j.issn.1000-436x.2019078
  中图分类号： TP302
- 网络出版日期：2019-04，
  
  纸质出版日期：2019-04-25
- 稿件说明：
移动端阅览
李凤华, 李勇俊, 杨正坤, 等. 不完全信息下的威胁处置效果模糊评估[J]. 通信学报, 2019,40(4):117-127.

Fenghua LI, Yongjun LI, Zhengkun YANG, et al. Fuzzy evaluation for response effectiveness in cases of incomplete information[J]. Journal on communications, 2019, 40(4): 117-127.
李凤华, 李勇俊, 杨正坤, 等. 不完全信息下的威胁处置效果模糊评估[J]. 通信学报, 2019,40(4):117-127. DOI： 10.11959/j.issn.1000-436x.2019078.

Fenghua LI, Yongjun LI, Zhengkun YANG, et al. Fuzzy evaluation for response effectiveness in cases of incomplete information[J]. Journal on communications, 2019, 40(4): 117-127. DOI： 10.11959/j.issn.1000-436x.2019078.

摘要

为合理选取和调整威胁处置方式，需要对威胁处置效果进行评估。现有的评估方法主要针对风险和威胁态势，很少评估威胁处置效果，且这些方法的前提条件之一是用于评估的所有信息完全，这一条件在实际环境中难以实现。针对该问题，提出了一种不完全信息下的威胁处置效果模糊评估方法。首先，综合考虑攻防双方设计层次化评估指标树；其次，利用模糊层次分析法计算各指标的综合权重；最后，通过模糊综合评价法对威胁处置效果进行评估。特别地，针对层次分析时判断矩阵元素缺失问题，利用指标重要性的传递性关系对缺失元素进行补全；针对综合评价时指标数据缺失问题，通过矩阵分解对缺失元素进行补全。实验结果表明，所提方法可有效处理信息不完全的情况，实现对威胁处置效果的有效评估。

Abstract

In order to appropriately select and adjust response countermeasures

it is necessary to evaluate response effectiveness.Although a large amount of effort has been spent on the evaluation of risk and threat situations

the existing schemes are not suitable to evaluate response effectiveness

because the sechems require that all the information used for evaluation is complete

which is difficult to implement in the real environment.To address the problem

a fuzzy scheme was proposed to deal with incomplete information (i.e.

missing elements of judgment matrix and missing data of indicators) and the response effectiveness was evaluate.Firstly

a hierarchical indicator tree was design to characterize the effectiveness from the perspectives of both attack and defense.Then

the fuzzy analytic hierarchy process (FAHP) was used to calculate the comprehensive weight of each indicator.Finally

the response effectiveness was calculated using fuzzy comprehensive evaluation.In particular

to deal with the problem of incompleteness of fuzzy judgment matrix in the process of FAHP

the missing elements were completed based on the transitivity of elements.And to deal with the problem of loss data in the comprehensive evaluation

the missing data was completed based on matrix completion.The experimental results show that the proposed scheme can accurately recover the missing data and can effectively evaluate the effectiveness of response.

关键词

Keywords

references

SHAMELI-SENDI A , CHERIET M , HAMOU-LHADJ A . Taxonomy of intrusion risk assessment and response system [J ] . Elsevier Computers ＆ Security , 2014 , 45 ( 3 ): 1 - 16 .

TSAI H , HUANG Y . An analytic hierarchy process-based risk assessment method for wireless networks [J ] . IEEE Transactions on Reliability , 2011 , 60 ( 4 ): 801 - 816 .

张义荣 , 鲜明 , 王国玉 . 一种基于网络熵的计算机网络攻击效果定量评估方法 [J ] . 通信学报 , 2004 , 25 ( 11 ): 158 - 165 .

ZHANG Y R , XIAN M , WANG G Y . A quantitative evaluation technique of computer network based on network entropy [J ] . Journal on Communications , 2004 , 25 ( 11 ): 158 - 165 .

LI C , CHEN K , XIANG X . An integrated framework for effective safety management evaluation:application of an improved grey clustering measurement [J ] . Elsevier Expert Systems with Applications , 2015 , 42 ( 13 ): 5541 - 5553 .

GAO C , MA J , LIU Z , et al . An approach to quality assessment for Web service selection based on the analytic hierarchy process for cases of incomplete information [J ] . Springer Science China Information Sciences , 2015 , 58 ( 12 ):122102.

ALALI M , ALMOGREN A , HASSAN M , et al . Improving risk assessment model of cyber security using fuzzy logic inference system [J ] . Elsevier Computers ＆ Security , 2018 , 74 : 323 - 339 .

SAMANTRA C , DATTA S , MAHAPATRA S . Risk assessment in IT outsourcing using fuzzy decision-making approach:an Indian perspective [J ] . Elsevier Expert Systems with Applications , 2014 , 41 ( 8 ): 4010 - 4022 .

RASHIDI B , FUNG C , BERTINO E . Android resource usage risk assessment using hidden markov model and online learning [J ] . Elsevier Computers ＆ Security , 2017 , 65 : 90 - 107 .

SEN A , MADRIA S . Risk assessment in a sensor cloud framework using attack graphs [J ] . IEEE Transactions on Services Computing , 2017 ,PP( 99 ): 1 - 1 .

杨豪璞 , 邱辉 , 王坤 . 面向多步攻击的网络安全态势评估方法 [J ] . 通信学报 , 2017 , 38 ( 1 ): 187 - 198 .

YANG H P , QIU H , WANG K . Network security situation evaluation method for multi-step attack [J ] . Journal on Communications , 2017 , 38 ( 1 ): 187 - 198 .

黄亮 , 冯登国 , 连一峰 , 等 . 基于神经网络的DDoS防护绩效评估 [J ] . 计算机研究与发展 , 2013 , 50 ( 10 ): 2100 - 2108 .

HUANG L , FEGN D G , LIANG Y F , et al . Artificial-neural -networkbased DDoS defense effectiveness evaluation [J ] . Journal of Computer Research and Development , 2013 , 50 ( 10 ): 2100 - 2108 .

黄亮 , 冯登国 , 连一峰 , 等 . 一种基于多属性决策的DDoS防护措施遴选方法 [J ] . 软件学报 , 2015 , 26 ( 7 ): 1742 - 1756 .

HUANG L , FEGN D G , LIANG Y F , et al . Method of DDoS countermeasure selection based on multi-attribute decision making [J ] . Journal of Software , 2015 , 26 ( 7 ): 1742 - 1756 .

KUBLER S , ROBERT J , DERIGENT W , et al . A state-of the-art survey ＆ testbed of fuzzy AHP (FAHP) applications [J ] . Elsevier Expert Systems with Applications , 2016 , 65 : 398 - 422 .

XIE K , NING X , WANG X , et al . Recover corrupted data in sensornetworks:a matrix completion solution [J ] . IEEE Transactions on Mobile Computing , 2017 ,PP( 99 ): 1 - 1 .

浏览量

790

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于非同步测量的高分辨率声源定位

基于互质位置非同步测量的低频声源成像方法

基于攻防信号博弈模型的防御策略选取方法

基于结构化噪声矩阵补全的Web服务QoS预测