DS融合知识的网络安全态势评估及验证

计算机科学 ›› 2014, Vol. 41 ›› Issue (4): 107-110.

DS融合知识的网络安全态势评估及验证

唐成华,汤申生,强保华

桂林电子科技大学广西可信软件重点实验室桂林541004;西密苏里州立大学电子工程学院美国斯普林菲尔德64507;桂林电子科技大学广西可信软件重点实验室桂林541004

出版日期:2018-11-14 发布日期:2018-11-14
基金资助:
本文受国家自然科学基金(61163057,6),广西可信软件重点实验室项目(kx201111),广西信息科学实验中心基金项目(20130329)资助

Assessment and Validation of Network Security Situation Based on DS and Knowledge Fusion

TANG Cheng-hua,TANG Shen-sheng and QIANG Bao-hua

Online:2018-11-14 Published:2018-11-14

摘要/Abstract

摘要： 网络安全态势评估过程具有大量不确定性的复杂影响因素。针对态势评估中存在的正确性和合理性质疑等问题,利用DS证据理论建立了态势指标的识别空间和评估准则,通过专家知识融合的推理,提出了基于DS融合知识的网络安全态势评估方法,同时结合三层网络主机脆弱性指数的计算实验对态势评估的分析实例进行了验证。实验结果表明,该方法具有较好的态势评估效果,为态势评估提供了一种可行的解决方案。

关键词: 网络安全,态势评估,DS证据理论,态势熵,脆弱性

Abstract: Network security situation assessment process has a large number of complex and uncertain influence factors．Aiming at the problem of lack of correctness and rationality in situation assessment,the situation index identification space and evaluation criteria based on the DS evidential theory were set up．The network situation assessment method based on DS and Knowledge Fusion was proposed through expert knowledge fusion reasoning,and the situation assessment case analysis was verified,combining the computation of three-layer network host vulnerability index．Experimental results show that the method has good effect in situation assessment,and thus provides a feasible solution for situation assessment.

Key words: Network security,Situation assessment,DS evidential theory,Situation entropy,Vulnerability

唐成华,汤申生,强保华. DS融合知识的网络安全态势评估及验证[J]. 计算机科学, 2014, 41(4): 107-110. https://doi.org/

TANG Cheng-hua,TANG Shen-sheng and QIANG Bao-hua. Assessment and Validation of Network Security Situation Based on DS and Knowledge Fusion[J]. Computer Science, 2014, 41(4): 107-110. https://doi.org/

参考文献

[1] Farinelli A,Nardi D,Pigliacampo R,et al．Cooperative situation assessment in a maritime scenario[J]．International Journal of Intelligent Systems,2012,27(5):477-501
[2] 付钰,吴晓平,叶清．基于改进FAHP-BN的信息系统安全态势评估方法[J]．通信学报,2009,0(9):135-140
[3] Zhao Jin-hui,Zhou Yu,Shuo Liang-xun．A situation awareness model of system survivability based on variable fuzzy set[J]．Telkomnika,2012,0(8):2239-2246
[4] 姜伟,方滨兴,田志宏,等．基于攻防博弈的网络安全测评和最优主动防御[J]．计算机学报,2009,2(4):817-827
[5] Jakobson G．Mission cyber security situation assessment usingimpact dependency graphs[C]∥Proceedings of the International Conference on Information Fusion (FUSION)．Chicago,IL,USA:IEEE,2011
[6] Kirillov V P．Constructive stochastic temporal reasoning in situation assessment[J]．IEEE Transactions on Systems,Man and Cybernetics,1994,4(8):1099-1113
[7] Miao A X,Zacharias G L,Shih-ping K．Computational situation assessment model for nuclear power plant operations[J]．IEEE Transactions on Systems,Man,and Cybernetics Part A:Systems and Humans,1997,7(6):728-742
[8] Xiao Hai-dong,Li Jian-hua．Analysis of security situation of networks based on knowledge base[J]．WSEAS Transactions on Electronics,2006,3(1):34-39
[9] Holsopple J,Sudit M,Nusinov M,et al．Enhancing situationawareness via automated situation assessment[J]．IEEE Communications Magazine,2010,8(3):146-152
[10] Zhao Jin-jing,Wen Yan,Wang Dong-xia．A network securityevaluation method framework based on multiple criteria decision making theory[C]∥Proceedings of the 5^th International Confe-rence on Innovative Mobile and Internet Services in Ubiquitous Computing．Seoul,Korea:IEEE Comput．Soc,2011:371-375
[11] Feng Xue-wei,Wang Dong-xia,Ma Guo-qing,et al．Security si-tuation assessment based on the DS theory[C]∥Proceedings of the 2^nd International Workshop on Education Technology and Computer Science．Wuhan,China:IEEE Comput．Soc,2010:352-356
[12] 王春雷,方兰,王东霞,等．基于知识发现的网络安全态势感知系统[J].计算机科学,2012,9(7):11-17,4
[13] 唐成华,王鑫,张瑞霞,等．基于态势熵的网络安全态势评估指标体系研究[J]．桂林电子科技大学学报,2011,1(4):270-274
[14] 陈秀真,郑庆华,管晓宏,等．层次化网络安全威胁态势量化评估方法[J]．软件学报,2006,7(4):885-897

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed