基于认知诊断理论的网络安全自适应测试技术

doi:10.11896/j.issn.1002-137X.2019.07.016

摘要/Abstract

摘要： 为进一步研究人员的网络安全素养,准确诊断人员网络安全知识和技能的水平,结合心理测量学和计算机测试技术,开发了基于认知诊断的多级属性评分的自适应测试技术。首先,为更好适应多元化复杂的网络安全知识结构且便于测试模型,在网络安全领域设计了复杂的层级网络安全知识库模型;然后,在多级评分认知诊断模型的基础上引入了属性层级的概念进行综合改进,并提出了准确、高效的参数估计方法和同模型相适应的选题策略。实验结果表明,多级属性评分的网络安全自适应测试技术较传统的多级评分模型提高了10.5%的效率,为计算机自适应测试领域的研究提供了参考。

关键词: PH-DINA, 认知诊断, 素养测评, 网络安全, 自适应测试

Abstract: To further effectively study the cybersecurity literacy of personnel and accurately diagnose the specific level of personnel knowledge and skills,the paper developed adaptive cybersecurity testing technology based on multi-level attributes scoring of cognitive diagnosis by combining psychometrics and computer testing technology.Firstly,a hierarchical cybersecurity knowledge model is designed for better adapting to the complex knowledge structure and verifying the research.Then,the hierarchy of attribute is input based on polytomous scoring cognitive diagnosis model to implement comprehensive improvements.Accurate and efficient parameter estimation method and suitable selection strategy are proposed to improve performance.The experimental results show that the adaptive cybersecurity testing technology of multi-level attributes scoring improves the efficiency by 10.5% compared with the traditional multi-level scoring model,which provides a reference to the research of computerized adaptive testing.

Key words: Adaptive testing, Cognitive diagnostic, Cybersecurity, Evaluation of literacy, PH-DINA

中图分类号:

TP309.2

齐斌,王宇,邹红霞,李冀兴. 基于认知诊断理论的网络安全自适应测试技术[J]. 计算机科学, 2019, 46(7): 102-107. https://doi.org/10.11896/j.issn.1002-137X.2019.07.016

QI Bin,WANG Yu,ZOU Hong-xia,LI Ji-xing. Adaptive Testing Technology Based on Cognitive Diagnostic in Cybersecurity[J]. Computer Science, 2019, 46(7): 102-107. https://doi.org/10.11896/j.issn.1002-137X.2019.07.016

参考文献

[1]CONTEH N Y,SCHMICK P J.Cybersecurity:risks,vulnerabi- lities and countermeasures to prevent social engineering attacks[J].International Journal of Advanced Research in Computer Science,2016,6(23):31-38. [2]GRATIAN M,BANDI S,CUKIER M,et al.Correlating Human Traits and Cybersecurity Behavior Intentions[J].Computers & Security,2018,73(3):345-358. [3]BASSETT G.System and method for cyber security analysis and human behavior prediction:US 20160205122. A1[P].2016-3-22. [4]YOUNG H,VLIET T V,VEN J V D,et al.Understanding Human Factors in Cyber Security as a Dynamic System[C]∥AHFE 2017:8th International Conference on Applied Human Factors and Ergonomics.Los Angeles,Springer,2017:244-254. [5]ZHANG H L,YU H N,FANG B X,et al.Research on China’s cyberspace security practice qualification system [J].Chinese Engineering Science,2016,18(6):44-48.(in Chinese) 张宏莉,于海宁,方滨兴,等.我国网络空间安全执业资格认证体系研究[J].中国工程科学,2016,18(6):44-48. [6]SMITS N,PAAP M C S,B HNKE J R.Some recommendations for developing multidimensional computerized adaptive tests for patient-reported outcomes[J].Quality of Life Research,2018,27(4):1055-1063. [7]GU Y,XU G.The Sufficient and Necessary Condition for the Identifiability and Estimability of the DINA Model[J].Psychometrika,2018(2):1-16. [8]TORRE J D L,MINCHEN N.Cognitively Diagnostic Assessments and the Cognitive Diagnosis Model Framework[J].Psicología Educativa,2014,20(2):89-97 [9]MCS P,KROEZE K A,TERWEE C B,et al.Item usage in a multidimensional computerized adaptive test (MCAT) measu-ring health-related quality of life[J].Quality Life of Research,2017,26(11):2909-2918. [10]RAJ R K,PARRISH A.Toward Standards in Undergraduate Cybersecurity Education in 2018[J].Computer,2018,51(2):72-75. [11]QI B,WANG Y,ZOU H X,et al.The Analysis of Measurement Method in the Knowledge System of Network Security Based on Information Entropy[C]∥ICCT 2017:17th IEEE International Conference on Communication Technology.Sichuan,China:IEEE Press,2017:1328-1333. [12]TU D B,CAI Y,DAI H Q,et al.A Polytomous Cognitive Diagnosis Model:P-DINA Model[J].Acta PsychologicaSinica,2010,42(10):1011-1020.(in Chinese) 涂冬波,蔡艳,戴海琦,等.一种多级评分的认知诊断模型:P-DINA模型的开发[J].心理学报,2010,42(10):1011-1020. [13]CAI Y,MIAO Y,TU D B.The polytomously scored cognitive diagnosis computerized adaptive testing[J].Acta PsychologicaSinica,2016,48(10):1338-1346.(in Chinese) 蔡艳,苗莹,涂冬波.多级评分的认知诊断计算机化适应测验[J].心理学报,2016,48(10):1338-1346. [14]XU G.Identifiability of restricted latent class models with binary responses[J].The Annals of Statistics,2017,45(2):675-707. [15]HSU C L,WANG W C,CHEN S Y.Variable-Length Computerized Adaptive Testing Based on Cognitive Diagnosis Models.[J].Applied Psychological Measurement,2013,37(7):563-582. [16]KAPLAN M,TORRE J D L,BARRADA J R.New Item Selec- tion Methods for Cognitive Diagnosis Computerized Adaptive Testing[J].Applied Psychological Measurement,2015,39(3):167-188.

相关文章 15

[1]	柳杰灵, 凌晓波, 张蕾, 王博, 王之梁, 李子木, 张辉, 杨家海, 吴程楠. 基于战术关联的网络安全风险评估框架 Network Security Risk Assessment Framework Based on Tactical Correlation 计算机科学, 2022, 49(9): 306-311. https://doi.org/10.11896/jsjkx.210600171
[2]	王磊, 李晓宇. 基于随机洋葱路由的LBS移动隐私保护方案 LBS Mobile Privacy Protection Scheme Based on Random Onion Routing 计算机科学, 2022, 49(9): 347-354. https://doi.org/10.11896/jsjkx.210800077
[3]	赵冬梅, 吴亚星, 张红斌. 基于IPSO-BiLSTM的网络安全态势预测 Network Security Situation Prediction Based on IPSO-BiLSTM 计算机科学, 2022, 49(7): 357-362. https://doi.org/10.11896/jsjkx.210900103
[4]	邓凯, 杨频, 李益洲, 杨星, 曾凡瑞, 张振毓. 一种可快速迁移的领域知识图谱构建方法 Fast and Transmissible Domain Knowledge Graph Construction Method 计算机科学, 2022, 49(6A): 100-108. https://doi.org/10.11896/jsjkx.210900018
[5]	陶礼靖, 邱菡, 朱俊虎, 李航天. 面向网络安全训练评估的受训者行为描述模型 Model for the Description of Trainee Behavior for Cyber Security Exercises Assessment 计算机科学, 2022, 49(6A): 480-484. https://doi.org/10.11896/jsjkx.210800048
[6]	杜鸿毅, 杨华, 刘艳红, 杨鸿鹏. 基于网络媒体的非线性动力学信息传播模型 Nonlinear Dynamics Information Dissemination Model Based on Network Media 计算机科学, 2022, 49(6A): 280-284. https://doi.org/10.11896/jsjkx.210500043
[7]	吕鹏鹏, 王少影, 周文芳, 连阳阳, 高丽芳. 基于进化神经网络的电力信息网安全态势量化方法 Quantitative Method of Power Information Network Security Situation Based on Evolutionary Neural Network 计算机科学, 2022, 49(6A): 588-593. https://doi.org/10.11896/jsjkx.210200151
[8]	张师鹏, 李永忠. 基于降噪自编码器和三支决策的入侵检测方法 Intrusion Detection Method Based on Denoising Autoencoder and Three-way Decisions 计算机科学, 2021, 48(9): 345-351. https://doi.org/10.11896/jsjkx.200500059
[9]	周仕承, 刘京菊, 钟晓峰, 卢灿举. 基于深度强化学习的智能化渗透测试路径发现 Intelligent Penetration Testing Path Discovery Based on Deep Reinforcement Learning 计算机科学, 2021, 48(7): 40-46. https://doi.org/10.11896/jsjkx.210400057
[10]	李贝贝, 宋佳芮, 杜卿芸, 何俊江. DRL-IDS:基于深度强化学习的工业物联网入侵检测系统 DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things 计算机科学, 2021, 48(7): 47-54. https://doi.org/10.11896/jsjkx.210400021
[11]	黄梅根, 刘川, 杜欢, 刘佳乐. 基于知识图谱的认知诊断模型及其在教辅中的应用研究 Research on Cognitive Diagnosis Model Based on Knowledge Graph and Its Application in Teaching Assistant 计算机科学, 2021, 48(6A): 644-648. https://doi.org/10.11896/jsjkx.200700163
[12]	陈海彪, 黄声勇, 蔡洁锐. 一个基于智能电网的跨层路由的信任评估协议 Trust Evaluation Protocol for Cross-layer Routing Based on Smart Grid 计算机科学, 2021, 48(6A): 491-497. https://doi.org/10.11896/jsjkx.201000169
[13]	王金恒, 单志龙, 谭汉松, 王煜林. 基于遗传优化PNN神经网络的网络安全态势评估 Network Security Situation Assessment Based on Genetic Optimized PNN Neural Network 计算机科学, 2021, 48(6): 338-342. https://doi.org/10.11896/jsjkx.201200239
[14]	张凯, 刘京菊. 基于吸收Markov链的网络入侵路径分析方法 Attack Path Analysis Method Based on Absorbing Markov Chain 计算机科学, 2021, 48(5): 294-300. https://doi.org/10.11896/jsjkx.200700108
[15]	陈明豪, 祝跃飞, 芦斌, 翟懿, 李玎. 基于Attention-CNN的加密流量应用类型识别 Classification of Application Type of Encrypted Traffic Based on Attention-CNN 计算机科学, 2021, 48(4): 325-332. https://doi.org/10.11896/jsjkx.200900155

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed