Computer Science ›› 2020, Vol. 47 ›› Issue (7): 287-291. doi: 10.11896/jsjkx.190300045
李欣, 段詠程
LI Xin, DUAN Yong-cheng
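Abstract: Network security situation awareness, as an effective complement to network security protection measures, has been a research hotspot in recent years, and accurately assessing the network security state has become an important topic in the network security field. The Hidden Markov Model (HMM) can be used for network security situation assessment and can evaluate the network state in real time, but its model parameters are difficult to configure and its assessment accuracy is relatively low. This paper therefore proposes a situation assessment method based on an improved HMM, which combines the model's Baum-Welch (BW) parameter optimization algorithm with the Seeker Optimization Algorithm (SOA). It uses SOA's strong random search capability to address the tendency of the traditional parameter optimization algorithm to fall into local optima, substitutes the optimized parameters into the HMM, and obtains the network security situation value through quantitative analysis. The proposed method is verified experimentally in MATLAB on the DARPA2000 dataset. The results show that, compared with the BW algorithm, the proposed method improves model accuracy and quantifies the network security situation more reasonably.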