基于自修正系数修匀法的网络安全态势预测

杨宏宇; 张旭高

doi:10.11959/j.issn.1000-436x.2020092

您当前的位置：

首页 >

文章列表页 >

基于自修正系数修匀法的网络安全态势预测

学术通信 | 更新时间：2024-06-05

- 基于自修正系数修匀法的网络安全态势预测
- Self-corrected coefficient smoothing method based network security situation prediction
- 通信学报 2020年41卷第5期页码：196-204
- 作者机构：
  
  中国民航大学计算机科学与技术学院，天津 300300
- 作者简介：
  
  [ "杨宏宇（1969- ），男，吉林长春人，博士，中国民航大学教授，主要研究方向为网络信息安全" ]
  [ "张旭高（1993- ），男，山东威海人，中国民航大学硕士生，主要研究方向为网络信息安全" ]
- 基金信息：
  
  国家自然科学基金民航联合研究基金资助项目(U1833107)
- DOI：10.11959/j.issn.1000-436x.2020092
  中图分类号： TP309
- 网络出版日期：2020-05，
  
  纸质出版日期：2020-05-25
- 稿件说明：
移动端阅览
杨宏宇, 张旭高. 基于自修正系数修匀法的网络安全态势预测[J]. 通信学报, 2020,41(5):196-204.

Hongyu YANG, Xugao ZHANG. Self-corrected coefficient smoothing method based network security situation prediction[J]. Journal on communications, 2020, 41(5): 196-204.
杨宏宇, 张旭高. 基于自修正系数修匀法的网络安全态势预测[J]. 通信学报, 2020,41(5):196-204. DOI： 10.11959/j.issn.1000-436x.2020092.

Hongyu YANG, Xugao ZHANG. Self-corrected coefficient smoothing method based network security situation prediction[J]. Journal on communications, 2020, 41(5): 196-204. DOI： 10.11959/j.issn.1000-436x.2020092.

摘要

针对目前网络安全态势预测方法的精确度不足问题，以自修正系数修匀法为基础提出一种新的网络安全态势预测模型。首先，设计一种网络安全态势评估量化方法，基于熵关联度将警报信息转化为态势实际值时间样本序列。然后，计算静态修匀系数自适应解并利用可变域空间获取预测初始值。最后，为了进一步提高预测精度，基于偏差类别并采用时变加权马尔可夫链对网络安全态势初始预测结果进行修正。采用LL_DOS_1.0数据集检验预测效果，实验结果表明，所提模型面向网络态势时间序列具有较高的自适应性和预测精度。

Abstract

In order to solve the problem of insufficient accuracy of current network security situation prediction methods

a new network security situation prediction model was proposed based on self-correcting coefficient smoothing.Firstly

a network security assessment quantification method was designed to transform the alarm information into situation real value time series based on the entropy correlation degree.Then

the adaptive solution of the static smoothing coefficient was calculated and the predicted initial value was obtained by using the variable domain space.Finally

based on the error category

the time-changing weighted Markov chain was built to modify the initial network situation prediction result and the prediction accuracy was further raised.The prediction model was tested with LL_DOS_1.0 dataset and the experimental results show that the proposed model has higher adaptability and prediction accuracy for network situation time series.

关键词

Keywords

references

LEAU Y B , MANICKAM S . Network security situation prediction:a review and discussion [J ] . Communications in Computer ＆ Information Science , 2015 , 516 : 424 - 435 .

CIPRIANO C , ZAND A , HOUMANSADR A , et al . Nexat:a history-based approach to predict attacker actions [C ] // Proceedings of the 27th Annual Computer Security Applications Conference . New York:ACM Press , 2011 : 383 - 392 .

XIAO P , XIAN M , WANG H M . Network security situation prediction method based on MEA-BP [C ] // 3rd International Conference on Computational Intelligence ＆ Communication Technology . Piscataway:IEEE Press , 2017 : 1 - 5 .

SUN S X , . The research of the network security situation prediction mechanism based on the complex network [C ] // International Conference on Computational Intelligence and Communication Networks . Piscataway:IEEE Press , 2015 : 1183 - 1187 .

LEAU Y B , KHUDHER A A , MANICKAM S , et al . An adaptive assessment and prediction mechanism in network security situation awareness [J ] . Journal of Computer Science , 2017 , 13 ( 5 ): 114 - 129 .

SCHATZ D , BASHROUSH R . Security predictions-a way to reduce uncertainty [J ] . Journal of Information Security and Applications , 2019 , 45 : 107 - 116 .

孙卫喜 , 孙欢 . 网络安全态势预测技术研究 [J ] . 计算机技术与发展 , 2019 , 29 ( 4 ): 100 - 104 .

SUN W X , SUN H . Research on network security situation prediction technology [J ] . Computer Technology and Development , 2019 , 29 ( 4 ): 100 - 104 .

周新卫 , 李小玲 . 基于改进 G-K 算法的多节点网络安全态势预测模型 [J ] . 科学技术与工程 , 2018 , 18 ( 25 ): 72 - 77 .

ZHOU X W , LI X L . Multi node network security situation prediction model based on improved G-K algorithm [J ] . Science Technology and Engineering , 2018 , 18 ( 25 ): 72 - 77 .

韩晓露 , 刘云 , 张振江 , 等 . 基于 IFS-NARX 模型的网络安全态势预测 [J ] . 吉林大学学报(工学版) , 2019 , 49 ( 2 ): 592 - 598 .

HAN X L , LIU Y , ZHANG Z J , et al . Network security situation prediction method based on IFS-NARX model [J ] . Journal of Jilin University (Engineering and Technology Edition) , 2019 , 49 ( 2 ): 592 - 598 .

席荣荣 , 云晓春 , 张永铮 . 一种改进的网络安全态势量化评估方法 [J ] . 计算机学报 , 2015 , 38 ( 4 ): 749 - 758 .

XI R R , YUN X C , ZHANG Y Z , et al . An improved quantitative evaluation method for network security [J ] . Chinese Journal of Computers , 2015 , 38 ( 4 ): 749 - 758 .

DEBAR H , WESPI A . Aggregation and correlation of intrusion-detection alerts [C ] // International Symposium on Recent Advances in Intrusion Detection . Berlin:Springer , 2001 : 85 - 103 .

赵冬梅 , 张玉清 , 马建峰 . 熵权系数法应用于网络安全的模糊风险评估 [J ] . 计算机工程 , 2004 , 30 ( 18 ): 21 - 23 .

ZHAO D M , ZHANG Y Q , MA J F . Fuzzy risk assessment of entropy-weight coefficient method applied in network security [J ] . Computer Engineering , 2004 , 30 ( 18 ): 21 - 23 .

付钰 , 吴晓平 , 叶清 . 基于模糊集与熵权理论的信息系统安全风险评估研究 [J ] . 电子学报 , 2010 , 38 ( 7 ): 1489 - 1494 .

FU Y , WU X P , YE Q . An approach for information systems security risk assessment on fuzzy set and entropy-weight [J ] . Chinese Journal of Electronics , 2010 , 38 ( 7 ): 1489 - 1494 .

王笑 , 戚湧 , 李千目 . 基于时变加权马尔可夫链的网络异常检测模型 [J ] . 计算机科学 , 2017 , 44 ( 9 ): 136 - 141 ,161.

WANG X , QI Y , LI Q M . Network anomaly detection model based on time-varying weighted Markov chain [J ] . Computer Science , 2017 , 44 ( 9 ): 136 - 141 ,161.

杨宏宇 , 韩越 . 基于动态信誉的无线 Mesh 网络安全路由机制 [J ] . 通信学报 , 2019 , 40 ( 4 ): 195 - 201 .

YANG H Y , HAN Y . Wireless Mesh network secure routing mechanism based on dynamic reputation [J ] . Journal on Communications , 2019 , 40 ( 4 ): 195 - 201 .

杨宏宇 , 王在明 . Android 共谋攻击检测模型 [J ] . 通信学报 , 2018 , 39 ( 6 ): 27 - 36 .

YANG H Y , WANG Z M . Android collusion attack detection model [J ] . Journal on Communications , 2018 , 39 ( 6 ): 27 - 36 .

浏览量

882

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于攻击预测的网络安全态势量化方法

面向多步攻击的网络安全态势评估方法