【摘要】：在網(wǎng)絡安全態(tài)勢評估中,各種傳感器報警數(shù)據(jù)多樣且復雜,評估的經(jīng)驗知識和先驗概率難以獲取,使得準確分析和評估網(wǎng)絡安全態(tài)勢十分困難.針對上述問題,對安全傳感器采集到的數(shù)據(jù)建立隱馬爾可夫模型,將難以解決的多源異構數(shù)據(jù)統(tǒng)一融合問題轉化為計算聯(lián)合概率的問題.利用前向算法特點,近似計算出聯(lián)合概率,避免了直接計算先驗概率的困難,并引入聯(lián)合信息熵來描述網(wǎng)絡安全態(tài)勢.實驗驗證了該方法的有效性,與基于概率的態(tài)勢評估方法相比,該方法能更清晰地說明網(wǎng)絡安全狀態(tài)的穩(wěn)定程度及趨勢.
[Abstract]:In the network security situation assessment, all kinds of sensor alarm data are diverse and complex, and the experience knowledge and prior probability of the evaluation are difficult to obtain, which makes it very difficult to accurately analyze and evaluate the network security situation. In view of the above problems, the hidden Markov model is established for the data collected by the security sensor, and the problem of unified fusion of multi-source and heterogeneous data is transformed into the problem of computing the joint probability. Based on the characteristics of forward algorithm, the joint probability is approximately calculated, which avoids the difficulty of directly calculating the prior probability, and the joint information entropy is introduced to describe the network security situation. Compared with the probability-based situation assessment method, this method can clearly explain the stability and trend of the network security state.
【作者單位】： 河南省計算機信息系統(tǒng)安全評估工程實驗室;中原工學院計算機學院;信息工程大學;
【基金】：國家自然聯(lián)合基金項目(U1304606)資助 河南省科技攻關項目(132102310284)資助 鄭州市科技攻關項目(2010GYXM421)資助
【分類號】：TP393.08

【參考文獻】

相關期刊論文 前5條

1 韋勇;連一峰;馮登國;;基于信息融合的網(wǎng)絡安全態(tài)勢評估模型[J];計算機研究與發(fā)展;2009年03期

2 賈焰;王曉偉;韓偉紅;李愛平;程文聰;;YHSSAS:面向大規(guī)模網(wǎng)絡的安全態(tài)勢感知系統(tǒng)[J];計算機科學;2011年02期

3 劉煒;;網(wǎng)絡安全態(tài)勢估計的融合決策模型分析[J];計算機工程;2009年17期

4 陳秀真;鄭慶華;管曉宏;林晨光;;層次化網(wǎng)絡安全威脅態(tài)勢量化評估方法[J];軟件學報;2006年04期

5 龔正虎;卓瑩;;網(wǎng)絡態(tài)勢感知研究[J];軟件學報;2010年07期

【共引文獻】

相關期刊論文 前10條

1 李寶s，

本文編號：2160008