Computer Science ›› 2020, Vol. 47 ›› Issue (7): 287-291. doi: 10.11896/jsjkx.190300045

• Information Security •

Network Security Situation Assessment Method Based on Improved Hidden Markov Model

LI Xin, DUAN Yong-cheng   

  1. College of Information Technology and Network Security, People’s Public Security University of China, Beijing 100038, China
  • Received: 2019-03-13 Online: 2020-07-15 Published: 2020-07-16
  • About author: LI Xin, born in 1977, Ph.D, associate professor. His main research interests include cyber security and so on.
    DUAN Yong-cheng, born in 1995, master. His main research interests include situational awareness and so on.
  • Supported by:
    This work was supported by the National Key R&D Program of China (2017YFC0803700).

Abstract: Cyber security situation awareness, as an effective supplement to cyber security protection measures, has been one of the research focuses in recent years. In particular, network security situation assessment has become an important research topic in the field of network security. The Hidden Markov Model (HMM) can be used in network security situation assessment to evaluate network status in real time, but it suffers from problems such as model parameters that are difficult to configure and low evaluation accuracy. Therefore, this paper proposes a situation assessment method based on an improved Hidden Markov Model, combining the Baum-Welch (BW) parameter optimization algorithm with the Seeker Optimization Algorithm (SOA). The strong random search ability of SOA is used to address the tendency of the traditional parameter optimization algorithm to fall into a local optimal solution. The optimized parameters are substituted into the HMM, and the network security situation value is obtained through quantitative analysis. Based on the DARPA2000 dataset, this paper uses MATLAB software to verify the proposed method. The experimental results show that, compared with the BW algorithm, this method can improve the accuracy of the model and makes the quantification of the network security situation more reasonable.

Key words: Situation assessment, HMM, SOA, Parameter optimization, Situational awareness

CLC Number: TP393