一种确定网络安全度量指标体系参考框架的方法
|
摘要
评价主体、评价对象和评价尺度组合的多样性决定了评价指标体系的不唯一性,本文设计了一种网络安全度量指标体系性能评估的理论方法。结合"熵"、"博弈论"的相关思想,设计了"熵-博弈指标体系优化模型",通过对指标区分度的计算以及结合指标重要程度因素的修正,对指标体系整体区分度进行测算,比较同一评价对象下不同网络安全度量指标体系的性能差异。通过实例验证了典型网络环境下该理论方法的合理性和可行性。为不同行业、不同业务、不同组成对象甚至同一系统不同时期的网络确定与其相适应的网络安全度量指标体系参考。
The diversity of evaluation subjects, evaluation objects and evaluation scales determines the non-uniqueness of the evaluation index system. In this paper, a theoretical method for evaluating the performance of network security metric index system is designed.Combination of "entropy", "game theory" related ideas, designs "the index system optimization model of entropy-game theory", through the calculation of index degree of differentiation and the correction of combining with index importance factor, to measure index system of the overall degree of differentiation, comparing the same evaluation objects under different network security measure index system of performance differences.The rationality and feasibility of the theory and method in typical network environment are verified by an example. For different industries, different services, different components and even the same system in different periods of the network to determine the corresponding network security metrics system reference.
The diversity of evaluation subjects, evaluation objects and evaluation scales determines the non-uniqueness of the evaluation index system. In this paper, a theoretical method for evaluating the performance of network security metric index system is designed.Combination of "entropy", "game theory" related ideas, designs "the index system optimization model of entropy-game theory", through the calculation of index degree of differentiation and the correction of combining with index importance factor, to measure index system of the overall degree of differentiation, comparing the same evaluation objects under different network security measure index system of performance differences.The rationality and feasibility of the theory and method in typical network environment are verified by an example. For different industries, different services, different components and even the same system in different periods of the network to determine the corresponding network security metrics system reference.
引文
[1]D.G.Feng,Y.Zhang,and Y.Q.Zhang,“Survey of information security risk assessment”,Journal of China Institute of Communications,vol.25,no.7,pp.10-18(in Chinese),2004.(冯登国,张阳,张玉清,“信息安全风险评估综述”,通信学报,2004,25(7):10-18.)
[2]Y.N.Li,“Research on Distinguish Degree&Weight Designing of Evaluation System based on Entropy Theory n[M.S.dissertation]”,Nanjing University of Aeronautics and Astronautics(in Chinese),Nanjing,2008.(李元年.“基于熵理论的指标体系区分度测算与权重设计”[硕士学位论文].南京:南京航空航天大学,2008.)
[3]Y.R.Zhang,M.Xian,and G.Y.Wang,“A Quantitative Evaluation Technique of Attack Effect of Computer Network Based on Network Entropy”,Journal of China Institute of Communications,vol.25,no.11,pp.158-165(in Chinese),2004.(张义荣,鲜明,王国玉,“一种基于网络熵的计算机网络攻击效果定量评估方法”,通信学报,2004,25(11):158-165.)
[4]C.Lin,Y.Wang,and Q.L.Li,“Stochastic modeling and evaluation for network security”,Chinese Journal of Computer,vol.28,no.12,pp.1944-1956(in Chinese),2005.(林闯,汪洋,李泉林,“网络安全的随机模型方法与评价技术”,计算机学报,2005,28(12):1944-1956.)
[5]Abdou,Samir,Savoy,and Jacques,“Statistical and comparative evaluation of various indexing and search models”.Lecture Notes in Computer Science,pp.362-373,2006.
[6]G.A.Shafer,“Mathematical theory of evidence”,Princeton University Press,1976.
[7]Y.F.Lu,L.L.Li,and Z.Zhang,“Research on Approach of Evaluation Index Screening Based on Grey Rough Set”,Fire Control&Command Control,43(1):37-42(in Chinese),2018.(路云飞,李琳琳,张壮,“基于灰色粗糙集的指标筛选方法”,火力与指挥控制,2018,43(1):37-42.)
[8]X.Guo and R.M.Hu,“The effectiveness evaluation for security system based on risk entropy model and Bayesian network theory”,in IEEE International Camahan Conference on Security Technology(ICCST),pp.57-65,2010.
[9]S.B.Chen and X.F.Wang,“Feature Selection Algorithm for Incomplete Data Based on Information Entropy”,PR&AI,27(12):1131-1137(in Chinese),2014.(陈圣兵,王晓峰,“基于信息熵的不完备数据特征选择算法”,模式识别与人工智能,2014,27(12):1131-1137.)
[10]Z.Liu,J.S.Duanmu,Q.Wang,and C.L.Wang,“An Evaluation Method of Scheme Based on Entropy Weight Multi-objection Decision-making”,Mathematics in Practiceand Theory,vol.35,no.10,pp.114-119(in Chinese),2005.(刘智,端木京顺,王强,王成林,“基于熵权多目标决策的方案评估方法研究”,数学的实践与认识,2005,35(10):114-119.)
[11]Gautam,Sunil Kumar,Om,and Hari,“Comparative analysis of classicication techniques in network based intrusion detection system”,in 1st International Conference on Intelligent Computing and Communication(ICIC2'2016),pp.591-601,2016.
[12]Christian Callegari,Stefano Giordano,and Michele Pagano,“Entropy-based network anomaly Detection”,in 2017 International Conference on Computing,Networking and Communications(ICNC'2017),2017.
[13]Z.M.Lu and Y.P.Feng,“Information entropy and cross information entropy based attacking methods for complex nerworks”,Journal of Information Hiding and Mutimedia Signal Processing,7(6):1243-1253,2016.
[14]Y.H.Qiu,“Management Decision Making and Application Entropy”,China Machine Press,2001.(邱菀华,管理决策与应用熵学,机械工业出版社,2001.)
[15]C.E.Shannon,“A note on the concept of entropy”,Bell System Technical Journal,27(3):379-423,1948.
[16]H.W.Liu,“A Study on Feature Selection Algorithms Using Information Entropy[Ph.D.dissertation]”,Jilin University(in Chinese),Changchun,2010.(刘华文,“基于信息熵的特征选择算法研究”[博士学位论文],长春:吉林大学,2010.)
[17]J.C.Xu,“Knowledge Entropy and Feature Selection in Incomplete Decision System”,Applied Mathematics and Information Sciences,7(2):829-837,2013.
[18]L.Sun,J.C.Xu,and S.Q.Li,“New Approach for Feature Selection by Using Information Entropy”,Journal of Information and Computational Sciences,8(12):2259-2268,2011.
[19]Shamilov and Aladdin,“A Development of entropy optimization methods”,WSEAS Transactions on Mathematics,pp.568-575,May2006.
[20]J.Ma,Z.P.Fan,and L.H.Huang,“A subjective and objective integrated approach to determine attribute weight”,European Journal of Operational Research,112(2):397-404,1999.
[21]X.G.Zhu,“The research about the degree of different and its countermeasure in credit evaluation[M.S.dissertation]”,Beijing University of Chemical Technology(in Chinese),Beijing,2014.(朱晓刚.“信用评价中区分度问题与对策研究”[硕士学位论文].北京:北京化工大学,2014.)
[22]L.Demetrius,T.Manke,“Robustness and network evalution-an entropic principle”,Physica A:Statistical Mechanics and its Applications,346(3):682-696,2005.
[23]C.Z.Hu,“Calculation of the Behavior Utility of a Network System:Conception and Principle”,Engineer,4(2018):78-84,2018.
[24]K.M.Carter,J.F.Riordan,and H.Okhravi,“A game theoretic approach to strategy determination for dynamic platform defense”,in Proceedings of the First ACM Workshop on Moving Target Defense(ACM-MTD'1),pp.21-30,2014.
[25]W.Jiang,B.X.Fang,Z.H.Tian,and H.L.Zhang,“Evaluating Network Security and Optimal Active Defense Based on Attack-Defense Game Model”,Chinese Journal of Computers,vol.32,no.4,pp.817-827(in Chinese),2009.(姜伟,方滨兴,田志宏,张宏莉,“基于攻防博弈模型的网络安全测评和最优主动防御”,计算机学报,2009,32(4):817-827.)
[26]J.Q.Cai,“The research of network vulnerability assessment based on game theory model[M.S.dissertation]”,North China Electric Power University(in Chinese),Baoding,2010.(蔡建强.“基于博弈模型的网络脆弱性评估的研究”[硕士学位论文].保定:华北电力大学,2010.)
[27]S.Roy,C.Ellis,S.Shiva,et al.“A survey of game theory as applied to network security”,in Proceedings of the 43rd Hawaii International Conference on System Sciences(HICSS'43),pp.1-10,2010.
[28]B.Y.Zhang,Zh.G.Chen,W.Sh.Tang,et al,“Network security situation assessment based on stochastic game model”,in ICIC'11Proceedings of the 7th International Conference on Advanced Intelligent Computing(ICAIC'7).,pp.517-525,2011.
[29]Y.Z.Wang,M.Yun,J.Y.Li,et al,“Stochastic game net and applications in security analysis for enterprise network”,International Journal of Information Security,11(1):41-52,2012.
[30]G.Liu,H.Zhang,and Q.M.Li,“Network security optimal attack and defense decision-making method based on game model”,Journal of Nanjing University of Science and Technology,38(1):12-21(in Chinese),2014.(刘刚,张宏,李千目,“基于博弈模型的网络安全最优决策方法”,南京理工大学学报,2014,38(1):12-21.)
[2]Y.N.Li,“Research on Distinguish Degree&Weight Designing of Evaluation System based on Entropy Theory n[M.S.dissertation]”,Nanjing University of Aeronautics and Astronautics(in Chinese),Nanjing,2008.(李元年.“基于熵理论的指标体系区分度测算与权重设计”[硕士学位论文].南京:南京航空航天大学,2008.)
[3]Y.R.Zhang,M.Xian,and G.Y.Wang,“A Quantitative Evaluation Technique of Attack Effect of Computer Network Based on Network Entropy”,Journal of China Institute of Communications,vol.25,no.11,pp.158-165(in Chinese),2004.(张义荣,鲜明,王国玉,“一种基于网络熵的计算机网络攻击效果定量评估方法”,通信学报,2004,25(11):158-165.)
[4]C.Lin,Y.Wang,and Q.L.Li,“Stochastic modeling and evaluation for network security”,Chinese Journal of Computer,vol.28,no.12,pp.1944-1956(in Chinese),2005.(林闯,汪洋,李泉林,“网络安全的随机模型方法与评价技术”,计算机学报,2005,28(12):1944-1956.)
[5]Abdou,Samir,Savoy,and Jacques,“Statistical and comparative evaluation of various indexing and search models”.Lecture Notes in Computer Science,pp.362-373,2006.
[6]G.A.Shafer,“Mathematical theory of evidence”,Princeton University Press,1976.
[7]Y.F.Lu,L.L.Li,and Z.Zhang,“Research on Approach of Evaluation Index Screening Based on Grey Rough Set”,Fire Control&Command Control,43(1):37-42(in Chinese),2018.(路云飞,李琳琳,张壮,“基于灰色粗糙集的指标筛选方法”,火力与指挥控制,2018,43(1):37-42.)
[8]X.Guo and R.M.Hu,“The effectiveness evaluation for security system based on risk entropy model and Bayesian network theory”,in IEEE International Camahan Conference on Security Technology(ICCST),pp.57-65,2010.
[9]S.B.Chen and X.F.Wang,“Feature Selection Algorithm for Incomplete Data Based on Information Entropy”,PR&AI,27(12):1131-1137(in Chinese),2014.(陈圣兵,王晓峰,“基于信息熵的不完备数据特征选择算法”,模式识别与人工智能,2014,27(12):1131-1137.)
[10]Z.Liu,J.S.Duanmu,Q.Wang,and C.L.Wang,“An Evaluation Method of Scheme Based on Entropy Weight Multi-objection Decision-making”,Mathematics in Practiceand Theory,vol.35,no.10,pp.114-119(in Chinese),2005.(刘智,端木京顺,王强,王成林,“基于熵权多目标决策的方案评估方法研究”,数学的实践与认识,2005,35(10):114-119.)
[11]Gautam,Sunil Kumar,Om,and Hari,“Comparative analysis of classicication techniques in network based intrusion detection system”,in 1st International Conference on Intelligent Computing and Communication(ICIC2'2016),pp.591-601,2016.
[12]Christian Callegari,Stefano Giordano,and Michele Pagano,“Entropy-based network anomaly Detection”,in 2017 International Conference on Computing,Networking and Communications(ICNC'2017),2017.
[13]Z.M.Lu and Y.P.Feng,“Information entropy and cross information entropy based attacking methods for complex nerworks”,Journal of Information Hiding and Mutimedia Signal Processing,7(6):1243-1253,2016.
[14]Y.H.Qiu,“Management Decision Making and Application Entropy”,China Machine Press,2001.(邱菀华,管理决策与应用熵学,机械工业出版社,2001.)
[15]C.E.Shannon,“A note on the concept of entropy”,Bell System Technical Journal,27(3):379-423,1948.
[16]H.W.Liu,“A Study on Feature Selection Algorithms Using Information Entropy[Ph.D.dissertation]”,Jilin University(in Chinese),Changchun,2010.(刘华文,“基于信息熵的特征选择算法研究”[博士学位论文],长春:吉林大学,2010.)
[17]J.C.Xu,“Knowledge Entropy and Feature Selection in Incomplete Decision System”,Applied Mathematics and Information Sciences,7(2):829-837,2013.
[18]L.Sun,J.C.Xu,and S.Q.Li,“New Approach for Feature Selection by Using Information Entropy”,Journal of Information and Computational Sciences,8(12):2259-2268,2011.
[19]Shamilov and Aladdin,“A Development of entropy optimization methods”,WSEAS Transactions on Mathematics,pp.568-575,May2006.
[20]J.Ma,Z.P.Fan,and L.H.Huang,“A subjective and objective integrated approach to determine attribute weight”,European Journal of Operational Research,112(2):397-404,1999.
[21]X.G.Zhu,“The research about the degree of different and its countermeasure in credit evaluation[M.S.dissertation]”,Beijing University of Chemical Technology(in Chinese),Beijing,2014.(朱晓刚.“信用评价中区分度问题与对策研究”[硕士学位论文].北京:北京化工大学,2014.)
[22]L.Demetrius,T.Manke,“Robustness and network evalution-an entropic principle”,Physica A:Statistical Mechanics and its Applications,346(3):682-696,2005.
[23]C.Z.Hu,“Calculation of the Behavior Utility of a Network System:Conception and Principle”,Engineer,4(2018):78-84,2018.
[24]K.M.Carter,J.F.Riordan,and H.Okhravi,“A game theoretic approach to strategy determination for dynamic platform defense”,in Proceedings of the First ACM Workshop on Moving Target Defense(ACM-MTD'1),pp.21-30,2014.
[25]W.Jiang,B.X.Fang,Z.H.Tian,and H.L.Zhang,“Evaluating Network Security and Optimal Active Defense Based on Attack-Defense Game Model”,Chinese Journal of Computers,vol.32,no.4,pp.817-827(in Chinese),2009.(姜伟,方滨兴,田志宏,张宏莉,“基于攻防博弈模型的网络安全测评和最优主动防御”,计算机学报,2009,32(4):817-827.)
[26]J.Q.Cai,“The research of network vulnerability assessment based on game theory model[M.S.dissertation]”,North China Electric Power University(in Chinese),Baoding,2010.(蔡建强.“基于博弈模型的网络脆弱性评估的研究”[硕士学位论文].保定:华北电力大学,2010.)
[27]S.Roy,C.Ellis,S.Shiva,et al.“A survey of game theory as applied to network security”,in Proceedings of the 43rd Hawaii International Conference on System Sciences(HICSS'43),pp.1-10,2010.
[28]B.Y.Zhang,Zh.G.Chen,W.Sh.Tang,et al,“Network security situation assessment based on stochastic game model”,in ICIC'11Proceedings of the 7th International Conference on Advanced Intelligent Computing(ICAIC'7).,pp.517-525,2011.
[29]Y.Z.Wang,M.Yun,J.Y.Li,et al,“Stochastic game net and applications in security analysis for enterprise network”,International Journal of Information Security,11(1):41-52,2012.
[30]G.Liu,H.Zhang,and Q.M.Li,“Network security optimal attack and defense decision-making method based on game model”,Journal of Nanjing University of Science and Technology,38(1):12-21(in Chinese),2014.(刘刚,张宏,李千目,“基于博弈模型的网络安全最优决策方法”,南京理工大学学报,2014,38(1):12-21.)