网络安全态势预测技术研究
|
摘要
网络安全态势预测是防御网络安全威胁的关键。在对目前网络安全态势预测方法进行分析研究后,给出支持向量机(SVM)与改进粒子群优化算法相结合的网络安全态势预测方法。该方法使用改进的粒子群优化算法来优化SVM的三个参数,其充分利用了SVM收敛速度快、样本小、泛化能力强、机器学习的优点,克服了PSO-SVM存在局部最优解及粒子早熟的问题。该方法更适合于具有时变性与非线性特征的网络安全态势预测,且克服了使用线性方法进行网络安全态势预测带来的预测精度低、描述网络目前状态与未来状态关系困难的问题。实验结果表明,使用该预测方法处理先前收集到的网络安全数据,明显提高了网络态势的预测精度,实现了对网络安全威胁的有效防御。
Network security situation prediction is the key to defending against network security threats. After the analysis and research of the current network security situation prediction methods,we present a new one combined with support vector machine(SVM) and improved particle swarm optimization. This method uses the improved particle swarm optimization to optimize the three parameters of SVM,and makes full use of the advantages of SVM such as fast convergence speed,small sample size,strong generalization and machine learning to overcome the problems of local optimal solution and particle premature in PSO-SVM. It is more suitable for the network security situation prediction with time-varying and nonlinear characteristics,and overcomes the problem of low prediction accuracy and difficult description of the relationship between the current state and the future state brought by the linear method in the network security situation prediction. Experiment shows that the proposed method has improved the prediction accuracy of the network situation by dealing with the previously collected network security data,and also has realized the effective defense of the network security threat.
Network security situation prediction is the key to defending against network security threats. After the analysis and research of the current network security situation prediction methods,we present a new one combined with support vector machine(SVM) and improved particle swarm optimization. This method uses the improved particle swarm optimization to optimize the three parameters of SVM,and makes full use of the advantages of SVM such as fast convergence speed,small sample size,strong generalization and machine learning to overcome the problems of local optimal solution and particle premature in PSO-SVM. It is more suitable for the network security situation prediction with time-varying and nonlinear characteristics,and overcomes the problem of low prediction accuracy and difficult description of the relationship between the current state and the future state brought by the linear method in the network security situation prediction. Experiment shows that the proposed method has improved the prediction accuracy of the network situation by dealing with the previously collected network security data,and also has realized the effective defense of the network security threat.
引文
[1] BASS T.Intrusion systems and multisensor data fusion:creating cyberspace situational awareness[J].Communications of the ACM,2000,43(4):99-105.
[2] HUBBALLI N,BISWAS S,NANDI S.Network specific false alarm reduction in intrusion detection system[J].Security and Communication Networks,2011,4(11):1339-1349.
[3] KOTT A,WANG C,ERBACHER R F.Cyber defense and situational awareness[M].[s.l.]:Springer International Publishing,2014.
[4] 陈秀真,郑庆华,管晓宏,等.层次化网络安全威胁态势量化评估方法[J].软件学报,2006,17(4):885-897.
[5] 韦勇,连一峰,冯登国.基于信息融合的网络安全态势评估模型[J].计算机研究与发展.2009,46(3):353-362.
[6] 刘效武,王慧强,吕宏武,等.网络安全态势认知融合感控模型[J].软件学报,2016,27(8):2099-2114.
[7] BOSER B,GUYON L,VAPNIK Y.A training algorithm for optimal margin classifer[C]//Fifth annual workshop on computational learning theory.[s.l.]:[s.n.],1992:144-152.
[8] 张小龙,刘书炘,刘满华,等.基于级联支持向量机融合多特征的人脸检测[J].计算机应用与软件,2016,33(4):151-154.
[9] 安金龙,王正欧,马振平.一种新的支持向量机多类分类方法[J].信息与控制,2004,33(3):262-267.
[10] LIN V L,HSIEH J G,WU H K,et al.Three-parameter sequential minimal optimization for support vector machines[J].Neurocomputing,2011,74(17):3467-3475.
[11] 权文,王晓丹,王坚,等.基于SVM概率输出与证据理论的多分类方法[J].计算机工程,2012,38(5):167-169.
[12] HSU C W,LIN C J.A comparison of methods for multiclass support vector machines[J].IEEE Transactions on Neural Networks,2002,13(2):415-425.
[13] 张翔,胡昌振,刘胜航,等.基于支持向量机的网络攻击态势预测技术研究[J].计算机工程,2007,33(11):10-12.
[14] 王庚,张景辉,吴娜.网络安全态势预测方法的应用研究[J].计算机仿真,2012,29(2):98-101.
[2] HUBBALLI N,BISWAS S,NANDI S.Network specific false alarm reduction in intrusion detection system[J].Security and Communication Networks,2011,4(11):1339-1349.
[3] KOTT A,WANG C,ERBACHER R F.Cyber defense and situational awareness[M].[s.l.]:Springer International Publishing,2014.
[4] 陈秀真,郑庆华,管晓宏,等.层次化网络安全威胁态势量化评估方法[J].软件学报,2006,17(4):885-897.
[5] 韦勇,连一峰,冯登国.基于信息融合的网络安全态势评估模型[J].计算机研究与发展.2009,46(3):353-362.
[6] 刘效武,王慧强,吕宏武,等.网络安全态势认知融合感控模型[J].软件学报,2016,27(8):2099-2114.
[7] BOSER B,GUYON L,VAPNIK Y.A training algorithm for optimal margin classifer[C]//Fifth annual workshop on computational learning theory.[s.l.]:[s.n.],1992:144-152.
[8] 张小龙,刘书炘,刘满华,等.基于级联支持向量机融合多特征的人脸检测[J].计算机应用与软件,2016,33(4):151-154.
[9] 安金龙,王正欧,马振平.一种新的支持向量机多类分类方法[J].信息与控制,2004,33(3):262-267.
[10] LIN V L,HSIEH J G,WU H K,et al.Three-parameter sequential minimal optimization for support vector machines[J].Neurocomputing,2011,74(17):3467-3475.
[11] 权文,王晓丹,王坚,等.基于SVM概率输出与证据理论的多分类方法[J].计算机工程,2012,38(5):167-169.
[12] HSU C W,LIN C J.A comparison of methods for multiclass support vector machines[J].IEEE Transactions on Neural Networks,2002,13(2):415-425.
[13] 张翔,胡昌振,刘胜航,等.基于支持向量机的网络攻击态势预测技术研究[J].计算机工程,2007,33(11):10-12.
[14] 王庚,张景辉,吴娜.网络安全态势预测方法的应用研究[J].计算机仿真,2012,29(2):98-101.