Computer Science ›› 2020, Vol. 47 ›› Issue (7): 287-291. doi: 10.11896/jsjkx.190300045

• Information Security •

Network Security Situation Assessment Method Based on Improved Hidden Markov Model

LI Xin, DUAN Yong-cheng   

  1. College of Information Technology and Network Security, People’s Public Security University of China, Beijing 100038, China
  • Received: 2019-03-13 Online: 2020-07-15 Published: 2020-07-16
  • About author: LI Xin, born in 1977, Ph.D, associate professor. His main research interests include cyber security and so on.
    DUAN Yong-cheng, born in 1995, master. His main research interests include situational awareness and so on.
  • Supported by:
    This work was supported by the National Key R&D Program of China (2017YFC0803700)

Abstract: Cyber security situation awareness, as an effective supplement to cyber security protection measures, has been one of the research focuses in recent years. In particular, network security situation assessment has become an important research topic in the field of network security. The Hidden Markov Model (HMM) can be used in network security situation assessment to evaluate network status in real time, but it suffers from problems such as model parameters that are difficult to configure and low evaluation accuracy. Therefore, this paper proposes a situation assessment method based on an improved Hidden Markov Model that combines the Baum-Welch (BW) parameter optimization algorithm with the Seeker Optimization Algorithm (SOA). The strong random search ability of SOA is used to address the tendency of the traditional parameter optimization algorithm to fall into a local optimal solution. The optimized parameters are substituted into the HMM, and the network security situation value is obtained through quantitative analysis. Based on the DARPA2000 dataset, this paper uses MATLAB software to verify the proposed method. The experimental results show that, compared with the BW algorithm, this method improves the accuracy of the model and makes the quantification of the network security situation more reasonable.

Key words: HMM, Parameter optimization, Situation assessment, Situational awareness, SOA

CLC Number: TP393