最优化权值的网络系统风险组合评价模型
|
摘要
网络系统风险受众多因素影响,具有较强的时变性和非线性变化的特点,导致单一模型无法全面描述网络系统风险变化的特点。传统组合模型根据网络系统风险评价确定模型的权值,无法准确描述每一个模型对网络系统风险最终评价结果的贡献,使得网络系统风险评价的准确性差。为了改善网络系统风险评价的效果,文中设计了最优化权值的网络系统风险组合评价模型。首先利用不同模型从不同角度对网络系统风险进行评价,以得到单一模型的预测结果;然后将单一模型的网络系统风险评价结果作为证据体,根据改进证据理论对证据体进行融合,得到网络系统风险的最终评价;最后将提出的方法与其他网络系统风险评价进行了对比测试。测试结果表明,所提模型可以准确地对网络系统风险进行评价,能够反映网络系统风险的变化特点,获得更加理想的网络系统风险评价结果,且评价精度要明显优于其他网络系统风险评价模型。
Network system risk is affected by many factors,and has strong time-varying and non-linear characteristics.As a result,a single model cannot fully describe the characteristics of network system risk change.The traditional combination model cannot accurately describe the contribution of each model on the final evaluation results for network system risk by determining the weight of the model according to the network system risk assessment errors,causing the poor accuracy of network system risk assessment.In order to improve the effect of network system risk assessment,a network system risk assessment model with optimal weights was designed.Firstly,different models are used to evaluate the network system risk from different perspectives,and the prediction results of a single model is obtained.Then,the network system risk assessment results of a single model are taken as an evidence body.According to the improved evidence theory,the evidence body is fused,and then the final evaluation of network system risk is obtained.Finally,the proposed method is compared with other network system risk assessment methods.The test results show that the model can accurately evaluate the network system risk and reflect the changing characteristics of the network security situation.The evaluation accuracy is obviously better than other network system risk assessment methods,and more ideal network system risk assessment results can be obtained.
Network system risk is affected by many factors,and has strong time-varying and non-linear characteristics.As a result,a single model cannot fully describe the characteristics of network system risk change.The traditional combination model cannot accurately describe the contribution of each model on the final evaluation results for network system risk by determining the weight of the model according to the network system risk assessment errors,causing the poor accuracy of network system risk assessment.In order to improve the effect of network system risk assessment,a network system risk assessment model with optimal weights was designed.Firstly,different models are used to evaluate the network system risk from different perspectives,and the prediction results of a single model is obtained.Then,the network system risk assessment results of a single model are taken as an evidence body.According to the improved evidence theory,the evidence body is fused,and then the final evaluation of network system risk is obtained.Finally,the proposed method is compared with other network system risk assessment methods.The test results show that the model can accurately evaluate the network system risk and reflect the changing characteristics of the network security situation.The evaluation accuracy is obviously better than other network system risk assessment methods,and more ideal network system risk assessment results can be obtained.
引文
[1] YUAN X,FENG Z Y,XU W J,et al.Secure connectivity analysis in unmanned aerial vehicle networks [J].Frontiers of Information Technology & Electronic Engineering,2018,19(3):409-422.
[2] MOVAHEDI Z,HOSSEINI Z,BAYAN F,et al.Trust-distor- tion resistant trust management frameworks on mobile ad hoc networks:a survey[J].IEEE Communications Surveys & Tutorials,2016,18(2):1287-1309.
[3] HAN G J,JIANG J F,SHU L,et al.An attack-resistant trust model based on multi-dimensional trust metrics in underwater acoustic sensor network[J].IEEE Tansactions Mob Computer,2017,14(12):2447-2459.
[4] LIU Q,CAI Z P,YIN J P,et al.Frameworks and methods of cybersecurity detection[J].Computer Engineering & Science,2017,39(12):2224-2229.(in Chinese)刘强,蔡志平,殷建平,等.网络安全检测框架与方法研究[J].计算机工程与科学,2017,39(12):2224-2229.
[5] HUANG Q L,MA Z F,YANG Y X,et al.Improving Security and Efficiency for Encrypted Data Sharing in Online Social Networks[J].Information Security,2018,28(7):104-114.
[6] FU Y,YU Y H,CHEN Y Q,et al.Network Security Analysis on Attack-defense Behavior Tree[J].Journal of Sichuan University (Engineering Science Edition),2017,49(2):115-120.(in Chinese)付钰,俞艺涵,陈永强,等.基于攻防行为树的网络安全态势分析[J].工程科学与技术,2017,49(2):115-120.
[7] HU H,YE R G,ZHANG H Q,et al.Quantitative method for network security situation based on attack prediction [J].Journal on Communications,2017,38(10):122-134.(in Chinese)胡浩,叶润国,张红旗,等.基于攻击预测的网络安全态势量化方法[J].通信学报,2017,38(10):122-134.
[8] CHEN Y L,TANG G M,SUN Y F.Assessment of Network Se- curity Situation Based on Immune Danger Theory[J].Computer Science,2015,42(6):167-170.(in Chinese)陈妍伶,汤光明,孙怡峰.基于免疫危险理论的网络安全态势评估[J].计算机科学,2015,42(6):167-170.
[9] LIU J W,LIU J J,LU Y L,et al.Application of game theory in network security situation awareness [J].Journal of Computer Applications,2017,37(S2):48-51,64.(in Chinese)刘景玮,刘京菊,陆余良,等.博弈论在网络安全态势感知中的应用[J].计算机应用,2017,37(S2):48-51,64.
[10] WEN Z C,CHEN Z G,TANG J.Network Security Assessment Method Based on Cluster Analysis [J].Journal of Shanghai Jiaotong University,2016,50(9):1407-1414,1421.(in Chinese)文志诚,陈志刚,唐军.基于聚类分析的网络安全态势评估方法[J].上海交通大学学报,2016,50(9):1407-1414,1421.
[11] MALEKI H,VALIZADEH M H,KOCH W,et al.Markov modeling of moving target defense games [C]//Proceedings of the 2016 ACM Workshop on Moving Target Defense.ACM,2016:81-91.
[12] GE H H,XIAO D,CHEN T P,et al.Quantitative Evaluation Approach for Real-time Risk Based on Attack Event Correlating [J].Journal of Electronics & Information Technology,2013,35(11):2630-2636.(in Chinese)葛海慧,肖达,陈天平,等.基于动态关联分析的网络安全风险评估方法[J].电子与信息学报,2013,35(11):2630-2636.
[13] HUANG J M,ZHANG H W,WANG J D,et al.Defense strategies selection based on attack defense evolutionary game model[J].Information Science,2017,38(1):168-176.(in Chinese)黄健明,张恒巍,王晋东,等.基于攻防演化博弈模型的防御策略选取方法[J].通信学报,2017,38(1):168-176.
[14] WEN Z C,CHEN Z G,TANG J.Assessing network security situation quantitatively based on information fusion[J].Journal of Beijing University of Aeronautics and Astronautics,2016,42(8):1593-1602.(in Chinese)文志诚,陈志刚,唐军.基于信息融合的网络安全态势量化评估方法[J].北京航空航天大学学报,2016,42(8):1593-1602.
[15] HUANG J M,ZHANG H W.A Method for Selecting Defense Strategies Based on Stochastic Evolutionary Game Model[J].Acta Electronica Sinica,2018,46(9):2222-2228.(in Chinese)黄健明,张恒巍.基于随机演化博弈模型的网络防御策略选取方法[J].电子学报,2018,46(9):2222-2228.
[16] WHITE J,PARK J S,KAMHOUA C A,et al.Game theoretic attack analysis in online social network services [C]//Proceedings of the 2017 International Conference on Social Networks Technology.IEEE,2017:1012-1019.
[17] LIPPMANN R,HAINES J W.Analysis and results of the DARPA off-line intrusion detection evaluation [C]//Proceedings of the 17th International Workshop on Recent Advances in Intrusion Detection.New York:ACM,2016:162-182.
[18] WU G,CHEN L,SI Z G,et al.An index optimization model for network security situation evaluation [J].Computer Enginee-ring & Science,2017,39(5):861-869.(in Chinese)吴果,陈雷,司志刚,等.网络安全态势评估指标体系优化模型研究[J].计算机工程与科学,2017,39(5):861-869.
[19] CHENG J T,AI L,DUAN Z M.Transformer fault diagnosis based on improved evidence theory and neural network integra-ted method [J].Power System Protection and Control,2013,41(14):92-96.(in Chinese)程加堂,艾莉,段志梅.改进证据理论与神经网络集成的变压器故障诊断[J].电力系统保护与控制,2013,41(14):92-96.
[20] LI F W,ZHENG B,ZHU J,et al.A method of network security situation prediction based on AC-RBF neural network[J].Journal of Chongqing University of Posts and Telecommunications(Natural Science Edition),2014,26(5):576-581.(in Chinese)李方伟,郑波,朱江,等.一种基于AC-RBF神经网络的网络安全态势预测方法[J].重庆邮电大学学报(自然科学版),2014,26(5):576-581.
[2] MOVAHEDI Z,HOSSEINI Z,BAYAN F,et al.Trust-distor- tion resistant trust management frameworks on mobile ad hoc networks:a survey[J].IEEE Communications Surveys & Tutorials,2016,18(2):1287-1309.
[3] HAN G J,JIANG J F,SHU L,et al.An attack-resistant trust model based on multi-dimensional trust metrics in underwater acoustic sensor network[J].IEEE Tansactions Mob Computer,2017,14(12):2447-2459.
[4] LIU Q,CAI Z P,YIN J P,et al.Frameworks and methods of cybersecurity detection[J].Computer Engineering & Science,2017,39(12):2224-2229.(in Chinese)刘强,蔡志平,殷建平,等.网络安全检测框架与方法研究[J].计算机工程与科学,2017,39(12):2224-2229.
[5] HUANG Q L,MA Z F,YANG Y X,et al.Improving Security and Efficiency for Encrypted Data Sharing in Online Social Networks[J].Information Security,2018,28(7):104-114.
[6] FU Y,YU Y H,CHEN Y Q,et al.Network Security Analysis on Attack-defense Behavior Tree[J].Journal of Sichuan University (Engineering Science Edition),2017,49(2):115-120.(in Chinese)付钰,俞艺涵,陈永强,等.基于攻防行为树的网络安全态势分析[J].工程科学与技术,2017,49(2):115-120.
[7] HU H,YE R G,ZHANG H Q,et al.Quantitative method for network security situation based on attack prediction [J].Journal on Communications,2017,38(10):122-134.(in Chinese)胡浩,叶润国,张红旗,等.基于攻击预测的网络安全态势量化方法[J].通信学报,2017,38(10):122-134.
[8] CHEN Y L,TANG G M,SUN Y F.Assessment of Network Se- curity Situation Based on Immune Danger Theory[J].Computer Science,2015,42(6):167-170.(in Chinese)陈妍伶,汤光明,孙怡峰.基于免疫危险理论的网络安全态势评估[J].计算机科学,2015,42(6):167-170.
[9] LIU J W,LIU J J,LU Y L,et al.Application of game theory in network security situation awareness [J].Journal of Computer Applications,2017,37(S2):48-51,64.(in Chinese)刘景玮,刘京菊,陆余良,等.博弈论在网络安全态势感知中的应用[J].计算机应用,2017,37(S2):48-51,64.
[10] WEN Z C,CHEN Z G,TANG J.Network Security Assessment Method Based on Cluster Analysis [J].Journal of Shanghai Jiaotong University,2016,50(9):1407-1414,1421.(in Chinese)文志诚,陈志刚,唐军.基于聚类分析的网络安全态势评估方法[J].上海交通大学学报,2016,50(9):1407-1414,1421.
[11] MALEKI H,VALIZADEH M H,KOCH W,et al.Markov modeling of moving target defense games [C]//Proceedings of the 2016 ACM Workshop on Moving Target Defense.ACM,2016:81-91.
[12] GE H H,XIAO D,CHEN T P,et al.Quantitative Evaluation Approach for Real-time Risk Based on Attack Event Correlating [J].Journal of Electronics & Information Technology,2013,35(11):2630-2636.(in Chinese)葛海慧,肖达,陈天平,等.基于动态关联分析的网络安全风险评估方法[J].电子与信息学报,2013,35(11):2630-2636.
[13] HUANG J M,ZHANG H W,WANG J D,et al.Defense strategies selection based on attack defense evolutionary game model[J].Information Science,2017,38(1):168-176.(in Chinese)黄健明,张恒巍,王晋东,等.基于攻防演化博弈模型的防御策略选取方法[J].通信学报,2017,38(1):168-176.
[14] WEN Z C,CHEN Z G,TANG J.Assessing network security situation quantitatively based on information fusion[J].Journal of Beijing University of Aeronautics and Astronautics,2016,42(8):1593-1602.(in Chinese)文志诚,陈志刚,唐军.基于信息融合的网络安全态势量化评估方法[J].北京航空航天大学学报,2016,42(8):1593-1602.
[15] HUANG J M,ZHANG H W.A Method for Selecting Defense Strategies Based on Stochastic Evolutionary Game Model[J].Acta Electronica Sinica,2018,46(9):2222-2228.(in Chinese)黄健明,张恒巍.基于随机演化博弈模型的网络防御策略选取方法[J].电子学报,2018,46(9):2222-2228.
[16] WHITE J,PARK J S,KAMHOUA C A,et al.Game theoretic attack analysis in online social network services [C]//Proceedings of the 2017 International Conference on Social Networks Technology.IEEE,2017:1012-1019.
[17] LIPPMANN R,HAINES J W.Analysis and results of the DARPA off-line intrusion detection evaluation [C]//Proceedings of the 17th International Workshop on Recent Advances in Intrusion Detection.New York:ACM,2016:162-182.
[18] WU G,CHEN L,SI Z G,et al.An index optimization model for network security situation evaluation [J].Computer Enginee-ring & Science,2017,39(5):861-869.(in Chinese)吴果,陈雷,司志刚,等.网络安全态势评估指标体系优化模型研究[J].计算机工程与科学,2017,39(5):861-869.
[19] CHENG J T,AI L,DUAN Z M.Transformer fault diagnosis based on improved evidence theory and neural network integra-ted method [J].Power System Protection and Control,2013,41(14):92-96.(in Chinese)程加堂,艾莉,段志梅.改进证据理论与神经网络集成的变压器故障诊断[J].电力系统保护与控制,2013,41(14):92-96.
[20] LI F W,ZHENG B,ZHU J,et al.A method of network security situation prediction based on AC-RBF neural network[J].Journal of Chongqing University of Posts and Telecommunications(Natural Science Edition),2014,26(5):576-581.(in Chinese)李方伟,郑波,朱江,等.一种基于AC-RBF神经网络的网络安全态势预测方法[J].重庆邮电大学学报(自然科学版),2014,26(5):576-581.
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |