计算机科学 ›› 2018, Vol. 45 ›› Issue (10): 138-141.doi: 10.11896/j.issn.1002-137X.2018.10.026
刘建峰1, 陈健2
LIU Jian-feng1, CHEN Jian2
摘要: 为了实时评估网络安全状态,弥补传统网络节点入侵风险评估方法评估精度低、实用性差的不足,提出一种新的基于模糊博弈规则的网络节点入侵风险评估方法。该方法通过一组有限状态集合对网络进行描述,给出博弈双方的收益矩阵和模糊博弈元素,获取入侵者和网络节点的预期收益,在此基础上给出模糊博弈规则;通过模糊博弈规则,依据资产、威胁、弱点以及风险要素构建风险评估模型;完成策略成本与收益的量化处理后,建立网络节点模糊博弈树,求出纳什均衡;结合入侵者和网络节点的收益函数,获取模糊博弈规则下网络节点风险期望,确定网络节点入侵风险值,并依据阈值判断是否需报警,以防止网络节点被入侵。实验结果表明,所提方法的评估精度高、可靠性和实用性强。
中图分类号:
[1]LIU W F,ZHANG S W,GONG X.An Improved Network Risk Evaluation Method Based on Markov Game[J].Telecommunications Science,2014,30(7):13-18.(in Chinese) 刘文芬,张树伟,龚心.一种优化的基于Markov博弈理论的网络风险评估方法[J].电信科学,2014,30(7):13-18. [2]ZHANG J,WANG J D,ZHANG H W,et al.Network Risk Analysis Method Based on Node-Game Vulnerability Attack Graph[J].Computer Science,2014,41(9):169-173.(in Chinese) 张健,王晋东,张恒巍,等.基于节点博弈漏洞攻击图的网络风险分析方法[J].计算机科学,2014,41(9):169-173. [3]LEI J G.Simulation of Game Detection under Unbalanced Invasion Characteristics[J].Computer Simulation,2015,32(9):307-310.(in Chinese) 雷剑刚.不平衡网络入侵特征下的博弈检测仿真[J].计算机仿真,2015,32(9):307-310. [4]LAI C,CHEN X,CHEN X,et al.A fuzzy comprehensive evaluation model for flood risk based on the combination weight of game theory[J].Natural Hazards,2015,77(2):1243-1259. [5]GUI M Q,LIU Y B, ZHOU L Y.Intrusion detection based on game theory in wireless sensor network[J].Journal of Chongqing University of Posts and Telecommunications(Natural Science Edition),2016,28(3):414-420.(in Chinese) 桂明倩,刘宴兵,周嘹永.WSN中基于博弈理论的入侵检测研究[J].重庆邮电大学学报(自然科学版),2016,28(3):414-420. [6]REN L C, LI Z F.A New Model Based on the Games Theory and Fuzzy Mathematics in Bridge Engineering Risk Assessment[J].Highway Engineering,2017,42(1):163-169.(in Chinese) 任丽超,栗振锋.基于博弈论和模糊数学的桥梁风险评价模型[J].公路工程,2017,42(1):163-169. [7]YU D K,WANG J D,ZHANG H W,et al.Risk assessment selection based on static Bayesian game[J].Computer Engineering and Science,2015,37(6):1079-1086.(in Chinese) 余定坤,王晋东,张恒巍,等.基于静态贝叶斯博弈的风险评估方法研究[J].计算机工程与科学,2015,37(6):1079-1086. [8]XIE Q L.Design of wireless sensor network the sink node based on OK6410[J].Electronic Design Engineering,2016,24(6):159-161.(in Chinese) 谢巧玲.基于OK6410的无线传感器网络汇聚节点设计[J].电子设计工程,2016,24(6):159-161. [9]HAN L,SONG Y,DUAN L,et al.Risk assessment methodology for Shenyang Chemical Industrial Park based on fuzzy comprehensive evaluation[J].Environmental Earth Sciences,2015,73(9):5185-5192. [10]SHI L B,JIAN Z.ulnerability Assessment of Cyber Physical Power System Based on Dynamic Attack-defense Game Model[J].Automation of Electric Power Systems,2016,40(17):99-105.(in Chinese) 石立宝,简洲.基于动态攻防博弈的电力信息物理融合系统脆弱性评估[J].电力系统自动化,2016,40(17):99-105. [11]HUANG L L,YAO A L,XIAN T,et al.Research on risk assessment method of oil & gas pipeline with consideration of vulnerability[J].China Safety Science Journal,2014,24(7):93-99.(in Chinese) 黄亮亮,姚安林,鲜涛,等.考虑脆弱性的油气管道风险评估方法研究[J].中国安全科学学报,2014,24(7):93-99. [12]ZHANG H W,ZHANG J,HAN J H,et al.Vulnerability risk analysis method based on game model and risk matrix[J].Computer Engineering and Design,2016, 37(6):1421-1427.(in Chinese) 张恒巍,张健,韩继红,等.基于博弈模型和风险矩阵的漏洞风险分析方法[J].计算机工程与设计,2016,37(6):1421-1427. [13]ZHANG Y.Research on the computer network security evaluation based on the DHFHCG operator with dual hesitant fuzzy information[J].Journal of Intelligent & Fuzzy Systems,2015,28(1):199-204. [14]XI R R,YUN X C,ZHANG Y Z,et al.An Improved Quantitative Evaluation Method for Network Security[J].Chinese Journal of Computers,2015,38(4):749-758.(in Chinese) 席荣荣,云晓春,张永铮,等.一种改进的网络安全态势量化评估方法[J].计算机学报,2015,38(4):749-758. [15]SONG Y U,CHENE J.Research of Aircraft Maintenance Unit Risk Management Based on the Generalized Linear Regression Model[J].Bulletin of Science and Technology,2016,32(1):215-219.(in Chinese) 宋云雪,陈金.基于广义线性回归模型的飞机维修单位风险管理研究[J].科技通报,2016,32(1):215-219. [16]DAI W.Application of Intrusion Detection Technology in Network Security[J].Journal of Chongqing Institute of Technology,2018,32(4):156-160,185.(in Chinese) 代威.入侵检测技术在网络安全中的应用[J].重庆理工大学学报(自然科学),2018,32(4):156-160,185. |
[1] | 傅彦铭, 朱杰夫, 蒋侃, 黄保华, 孟庆文, 周兴. 移动众包中基于多约束工人择优的激励机制研究 Incentive Mechanism Based on Multi-constrained Worker Selection in Mobile Crowdsourcing 计算机科学, 2022, 49(9): 275-282. https://doi.org/10.11896/jsjkx.210700129 |
[2] | 柳杰灵, 凌晓波, 张蕾, 王博, 王之梁, 李子木, 张辉, 杨家海, 吴程楠. 基于战术关联的网络安全风险评估框架 Network Security Risk Assessment Framework Based on Tactical Correlation 计算机科学, 2022, 49(9): 306-311. https://doi.org/10.11896/jsjkx.210600171 |
[3] | 王馨彤, 王璇, 孙知信. 基于多尺度记忆残差网络的网络流量异常检测模型 Network Traffic Anomaly Detection Method Based on Multi-scale Memory Residual Network 计算机科学, 2022, 49(8): 314-322. https://doi.org/10.11896/jsjkx.220200011 |
[4] | 吴功兴, 孙兆洋, 琚春华. 考虑中断风险与模糊定价的闭环供应链网络设计模型 Closed-loop Supply Chain Network Design Model Considering Interruption Risk and Fuzzy Pricing 计算机科学, 2022, 49(7): 220-225. https://doi.org/10.11896/jsjkx.201100084 |
[5] | 高春刚, 王永杰, 熊鑫立. MTDCD:一种对抗网络入侵的混合防御机制 MTDCD:A Hybrid Defense Mechanism Against Network Intrusion 计算机科学, 2022, 49(7): 324-331. https://doi.org/10.11896/jsjkx.210600193 |
[6] | 张洪博, 董力嘉, 潘玉彪, 萧宗志, 张惠臻, 杜吉祥. 视频理解中的动作质量评估方法综述 Survey on Action Quality Assessment Methods in Video Understanding 计算机科学, 2022, 49(7): 79-88. https://doi.org/10.11896/jsjkx.210600028 |
[7] | 周志豪, 陈磊, 伍翔, 丘东亮, 梁广升, 曾凡巧. 基于SMOTE-SDSAE-SVM的车载CAN总线入侵检测算法 SMOTE-SDSAE-SVM Based Vehicle CAN Bus Intrusion Detection Algorithm 计算机科学, 2022, 49(6A): 562-570. https://doi.org/10.11896/jsjkx.210700106 |
[8] | 曹扬晨, 朱国胜, 孙文和, 吴善超. 未知网络攻击识别关键技术研究 Study on Key Technologies of Unknown Network Attack Identification 计算机科学, 2022, 49(6A): 581-587. https://doi.org/10.11896/jsjkx.210400044 |
[9] | 徐佳楠, 张天瑞, 赵伟博, 贾泽轩. 面向供应链风险评估的改进BP小波神经网络研究 Study on Improved BP Wavelet Neural Network for Supply Chain Risk Assessment 计算机科学, 2022, 49(6A): 654-660. https://doi.org/10.11896/jsjkx.210800049 |
[10] | 朱旭辉, 沈国娇, 夏平凡, 倪志伟. 基于螺旋进化萤火虫算法和BP神经网络的模型及其在PPP融资风险预测中的应用 Model Based on Spirally Evolution Glowworm Swarm Optimization and Back Propagation Neural Network and Its Application in PPP Financing Risk Prediction 计算机科学, 2022, 49(6A): 667-674. https://doi.org/10.11896/jsjkx.210800088 |
[11] | 王宇飞, 陈文. 基于DECORATE集成学习与置信度评估的Tri-training算法 Tri-training Algorithm Based on DECORATE Ensemble Learning and Credibility Assessment 计算机科学, 2022, 49(6): 127-133. https://doi.org/10.11896/jsjkx.211100043 |
[12] | 魏辉, 陈泽茂, 张立强. 一种基于顺序和频率模式的系统调用轨迹异常检测框架 Anomaly Detection Framework of System Call Trace Based on Sequence and Frequency Patterns 计算机科学, 2022, 49(6): 350-355. https://doi.org/10.11896/jsjkx.210500031 |
[13] | 刘林云, 陈开颜, 李雄伟, 张阳, 谢方方. 基于卷积神经网络的旁路密码分析综述 Overview of Side Channel Analysis Based on Convolutional Neural Network 计算机科学, 2022, 49(5): 296-302. https://doi.org/10.11896/jsjkx.210300286 |
[14] | 鹿婷, 侯国家, 潘振宽, 王国栋. 基于HVS的水下图像质量评价 Underwater Image Quality Assessment Based on HVS 计算机科学, 2022, 49(5): 98-104. https://doi.org/10.11896/jsjkx.210100224 |
[15] | 储安琪, 丁志军. 基于灰狼优化算法的信用评估样本均衡化与特征选择同步处理 Application of Gray Wolf Optimization Algorithm on Synchronous Processing of Sample Equalization and Feature Selection in Credit Evaluation 计算机科学, 2022, 49(4): 134-139. https://doi.org/10.11896/jsjkx.210300075 |
|