基于大数据分析的网络安全态势评估
|
摘要
网络安全态势受到多种因素影响,再加上网络的开放性,具有复杂变化的特点,评估误差高,可信度低。为了提高网络安全态势评估精度,将大数据分析方法引入到网络安全态势评估的建模中。对当前网络安全态势的研究现状进行分析,通过重构得到多维网络安全态势学习样本,采用大数据处理技术——最小二乘支持向量机对网络安全态势样本进行训练,建立网络安全态势的评估模型,并进行具体网络安全态势仿真测试。结果表明,所提模型可以准确描述网络安全态势变化特点,获得高精度的网络安全态势评估结果,评估误差要远远低于对照模型,为网络安全管理提供了一种有效的研究方法。
Network security situation is affected by many factors,coupled with the openness of the network,and has the characteristics of complex changes,big evaluation error and low credibility. In order to improve the accuracy of network security situation assessment,the big data analysis method is introduced into the modeling of network security situation assessment. The current research situation of network security situation is analyzed,and the multi-dimensional network security situation learning sample is obtained by reconstruction. The network security situation sample is trained by big data processing technology(least square support vector machine),and the evaluation model of network security situation is established. The simulation test is performed for the specific network security situation. The results show that the model can accurately describe the change characteristics of network security situation,and can obtain the high-precision network security situation evaluation results. The evaluation error of the model is far lower than that of contrast model. It provides an effective research method for network security management.
Network security situation is affected by many factors,coupled with the openness of the network,and has the characteristics of complex changes,big evaluation error and low credibility. In order to improve the accuracy of network security situation assessment,the big data analysis method is introduced into the modeling of network security situation assessment. The current research situation of network security situation is analyzed,and the multi-dimensional network security situation learning sample is obtained by reconstruction. The network security situation sample is trained by big data processing technology(least square support vector machine),and the evaluation model of network security situation is established. The simulation test is performed for the specific network security situation. The results show that the model can accurately describe the change characteristics of network security situation,and can obtain the high-precision network security situation evaluation results. The evaluation error of the model is far lower than that of contrast model. It provides an effective research method for network security management.
引文
[1] LEAU Y B,MANICKAM S,CHONG Y W. Network security situation assessment:a review and discussion[J]. Lecture notes in electrical engineering,2015,339:407-414.
[2]吴果,陈雷,司志刚,等.网络安全态势评估指标体系优化模型研究[J].计算机工程与科学,2017,39(5):861-869.WU Guo,CHEN Lei,SI Zhigang,et al. An index optimization model for network security situation evaluation[J]. Computer engineering&science,2017,39(5):861-869.
[3]陈妍伶,汤光明,孙怡峰.基于免疫危险理论的网络安全态势评估[J].计算机科学,2015,42(6):167-170.CHEN Yanling,TANG Guangming,SUN Yifeng. Assessment of network security situation based on immune danger theory[J]. Computer science,2015,42(6):167-170.
[4]杨豪璞,邱辉,王坤.面向多步攻击的网络安全态势评估方法[J].通信学报,2017,38(1):187-198.YANG Haopu,QIU Hui,WANG Kun. Network security situation evaluation method for multi-step attack[J]. Journal on communications,2017,38(1):187-198.
[5]王坤,邱辉,杨豪璞.基于攻击模式识别的网络安全态势评估方法[J].计算机应用,2016,36(1):194-198.WANG Kun,QIU Hui,YANG Haopu. Network security situation evaluation method based on attack pattern recognition[J].Journal of computer applications,2016,36(1):194-198.
[6]许晓燕.基于改进博弈模型的网络安全态势评估平台设计[J].现代电子技术,2016,39(12):87-90.XU Xiaoyan. Design of network security situation assessment platform based on the improved game model[J]. Modern electronics technique,2016,39(12):87-90.
[7]文志诚,陈志刚,唐军.基于聚类分析的网络安全态势评估方法[J].上海交通大学学报,2016,50(9):1407-1414.WEN Zhicheng,CHEN Zhigang,TANG Jun. Network security assessment method based on cluster analysis[J]. Journal of Shanghai Jiao Tong University,2016,50(9):1407-1414.
[8]汤永利,李伟杰,于金霞,等.基于改进D-S证据理论的网络安全态势评估方法[J].南京理工大学学报,2015,39(4):405-411.TANG Yongli,LI Weijie,YU Jinxia,et al. Network security situational assessment method based on improved D-S evidence theory[J]. Journal of Nanjing University of Science and Technology,2015,39(4):405-411.
[9]文志诚,曹春丽,周浩.基于朴素贝叶斯分类器的网络安全态势评估方法[J].计算机应用,2015,35(8):2164-2168.WEN Zhicheng,CAO Chunli,ZHOU Hao. Network security situation assessment method based on naive Bayes classifier[J].Journal of computer applications,2015,35(8):2164-2168.
[10]方研,殷肖川,孙益博.基于隐马尔可夫模型的网络安全态势评估[J].计算机应用与软件,2013,30(12):64-68.FANG Yan,YIN Xiaochuan,SUN Yibo. Network security situation assessment based on hidden Markov model[J]. Computer applications and software,2013,30(12):64-68.
[11]潘恒,李景峰,郑秋生.基于HMM和信息熵的网络安全态势评估方法[J].小型微型计算机系统,2015,36(8):1784-1788.PAN Heng,LI Jingfeng,ZHENG Qiusheng. Network security situation assessment method based on HMM and information entropy[J]. Mini-micro systems,2015,36(8):1784-1788.
[12]谢丽霞,王志华.基于布谷鸟搜索优化BP神经网络的网络安全态势评估方法[J].计算机应用,2017,37(7):1926-1930.XIE Lixia,WANG Zhihua. Network security situation assessment method based on cuckoo search optimized back propagation neural network[J]. Journal of computer applications,2017,37(7):1926-1930.
[13]黄东,李长彬.基于粒子群算法优化最小二乘支持向量机的网络安全态势评估[J].信阳师范学院学报(自然科学版),2016,29(1):113-115.HUANG Dong,LI Changbin. Network security situation assessment based on particle swarm algorithm optimizing least square support vector machine[J]. Journal of Xinyang Teachers College(Natural science edition),2016,29(1):113-115.
[14]汪材印.灰色关联分析和支持向量机相融合的网络安全态势评估[J].计算机应用研究,2013,30(6):1859-1862.WANG Caiyin. Assessment of network security situation based on grey relational analysis and support vector machine[J]. Application research of computers,2013,30(6):1859-1862.
[2]吴果,陈雷,司志刚,等.网络安全态势评估指标体系优化模型研究[J].计算机工程与科学,2017,39(5):861-869.WU Guo,CHEN Lei,SI Zhigang,et al. An index optimization model for network security situation evaluation[J]. Computer engineering&science,2017,39(5):861-869.
[3]陈妍伶,汤光明,孙怡峰.基于免疫危险理论的网络安全态势评估[J].计算机科学,2015,42(6):167-170.CHEN Yanling,TANG Guangming,SUN Yifeng. Assessment of network security situation based on immune danger theory[J]. Computer science,2015,42(6):167-170.
[4]杨豪璞,邱辉,王坤.面向多步攻击的网络安全态势评估方法[J].通信学报,2017,38(1):187-198.YANG Haopu,QIU Hui,WANG Kun. Network security situation evaluation method for multi-step attack[J]. Journal on communications,2017,38(1):187-198.
[5]王坤,邱辉,杨豪璞.基于攻击模式识别的网络安全态势评估方法[J].计算机应用,2016,36(1):194-198.WANG Kun,QIU Hui,YANG Haopu. Network security situation evaluation method based on attack pattern recognition[J].Journal of computer applications,2016,36(1):194-198.
[6]许晓燕.基于改进博弈模型的网络安全态势评估平台设计[J].现代电子技术,2016,39(12):87-90.XU Xiaoyan. Design of network security situation assessment platform based on the improved game model[J]. Modern electronics technique,2016,39(12):87-90.
[7]文志诚,陈志刚,唐军.基于聚类分析的网络安全态势评估方法[J].上海交通大学学报,2016,50(9):1407-1414.WEN Zhicheng,CHEN Zhigang,TANG Jun. Network security assessment method based on cluster analysis[J]. Journal of Shanghai Jiao Tong University,2016,50(9):1407-1414.
[8]汤永利,李伟杰,于金霞,等.基于改进D-S证据理论的网络安全态势评估方法[J].南京理工大学学报,2015,39(4):405-411.TANG Yongli,LI Weijie,YU Jinxia,et al. Network security situational assessment method based on improved D-S evidence theory[J]. Journal of Nanjing University of Science and Technology,2015,39(4):405-411.
[9]文志诚,曹春丽,周浩.基于朴素贝叶斯分类器的网络安全态势评估方法[J].计算机应用,2015,35(8):2164-2168.WEN Zhicheng,CAO Chunli,ZHOU Hao. Network security situation assessment method based on naive Bayes classifier[J].Journal of computer applications,2015,35(8):2164-2168.
[10]方研,殷肖川,孙益博.基于隐马尔可夫模型的网络安全态势评估[J].计算机应用与软件,2013,30(12):64-68.FANG Yan,YIN Xiaochuan,SUN Yibo. Network security situation assessment based on hidden Markov model[J]. Computer applications and software,2013,30(12):64-68.
[11]潘恒,李景峰,郑秋生.基于HMM和信息熵的网络安全态势评估方法[J].小型微型计算机系统,2015,36(8):1784-1788.PAN Heng,LI Jingfeng,ZHENG Qiusheng. Network security situation assessment method based on HMM and information entropy[J]. Mini-micro systems,2015,36(8):1784-1788.
[12]谢丽霞,王志华.基于布谷鸟搜索优化BP神经网络的网络安全态势评估方法[J].计算机应用,2017,37(7):1926-1930.XIE Lixia,WANG Zhihua. Network security situation assessment method based on cuckoo search optimized back propagation neural network[J]. Journal of computer applications,2017,37(7):1926-1930.
[13]黄东,李长彬.基于粒子群算法优化最小二乘支持向量机的网络安全态势评估[J].信阳师范学院学报(自然科学版),2016,29(1):113-115.HUANG Dong,LI Changbin. Network security situation assessment based on particle swarm algorithm optimizing least square support vector machine[J]. Journal of Xinyang Teachers College(Natural science edition),2016,29(1):113-115.
[14]汪材印.灰色关联分析和支持向量机相融合的网络安全态势评估[J].计算机应用研究,2013,30(6):1859-1862.WANG Caiyin. Assessment of network security situation based on grey relational analysis and support vector machine[J]. Application research of computers,2013,30(6):1859-1862.