构建广义立方体感知网络安全态势

文志诚; 陈志刚

doi:10.13700/j.bh.1001-5965.2015.0010

构建广义立方体感知网络安全态势

doi: 10.13700/j.bh.1001-5965.2015.0010

文志诚^1,2,
陈志刚^1, ,

1.
中南大学信息科学与工程学院, 长沙 410083
2. 湖南工业大学计算机与通信学院, 株洲 412007

基金项目: 国家自然科学基金(61073186,61073104,60903058);中南大学博士后基金

详细信息

作者简介:
文志诚(1972-),男,湖南东安人,副教授,zcwen@mail.shu.edu.cn

通讯作者:
陈志刚(1964-),男,湖南益阳人,教授,czg@mail.csu.edu.cn,主要研究方向为网络计算与分布式处理.

中图分类号: TP311
计量
- 文章访问数: 937
- HTML全文浏览量: 79
- PDF下载量: 475
- 被引次数: 0
出版历程
- 收稿日期: 2015-01-05
- 修回日期: 2015-04-10
- 网络出版日期: 2015-10-20

Constructing general cube to be aware of network security situation

WEN Zhicheng^1,2,
Chen Zhigang^{1
, ,}

1.
School of Information Science and Engineering, Central South University, Changsha 410083, China
2. College of Computer and Communication, Hunan University of Technology, Zhuzhou 412007, China

摘要

摘要: 针对大多方法感知范围局限、信息来源单一、空间时间复杂性高及准确性偏差较大等问题,提出了分层感知模型与构建广义立方体感知网络安全态势的方法.将监测到的连续型态势因子数据经"3σ法则"离散化预处理后,聚合在所构建的广义立方体格中,纵向上融合成组件的安全态势,横向上对组件安全态势采用统计的方法融合成网络的安全态势,为增强网络安全性提供可靠的参照依据.利用网络实例数据对所提出的网络安全态势感知模型和算法进行验证,表明了该方法的正确性.
- 网络安全 /
- 态势感知 /
- 网络管理 /
- 信息融合 /
- 广义立方体
Abstract: Concerning the problems of limited current network security situation assessment scope, single information source, higher time and space complexity and larger deviation of the accuracy, a method was put forward to construct general cube, which can be aware of the network security situation. The continuous situation factor data monitored can be pretreated by discretizing by "3σ rule" and aggregated in the general built cube, that fused into component security situation vertically and merged into the network security situation from component security situation using statistical methods horizontally. It can provide reliable reference to enhance network security. Finally, making full use of network data, the network security situation awareness model and algorithm proposed are verified and the experimental results show correctness of this method.
- network security /
- situation awareness /
- network manager /
- information fusion /
- general cube

HTML全文

参考文献(16)

[1]	Bass T.Multi-sensor data fusion for next generation distributed intrusion detection systems[C]∥Proceedings of the'99 IRIS National Symposium on Sensor and Data Fusion.Piscataway,NJ:IEEE Press,1999:24-27.
[2]	Mazur J,Kaderali L.The importance and challenges of bayesian parameter learning in systems biology[J].Model Based Parameter Estimation Contributions in Mathematical and Computational Sciences,2013,4:145-156.
[3]	黄同庆,庄毅.一种实时网络安全态势预测方法[J].小型微型计算机系统,2014,35(2):303-306.Huang T Q,Zhuang Y.An approach to real-time network security situation prediction[J].Journal of Chinese Computer Systems,2014,35(2):303-306(in Chinese).
[4]	Blasch E P,Plano S.JDL level 5 fusion model "user refinement" issues and applications in group tracking[C]∥Proceedings of the Signal Processing,Sensor Fusion,and Target Recognition XI,Spie.Bellingham,WA:SPIE,2002:270-279.
[5]	龚正虎,卓莹.网络态势感知研究[J].软件学报,2010,21(7):1605-1619.Gong Z H,Zhuo Y.Research on cyberspace situational awareness[J].Journal of Software,2010,21(7):1605-1619(in Chinese).
[6]	Bradshaw J M,Carvalho M,Bunch L,et al.Sol:An agent-based framework for cyber situation awareness[J].KI-Künstliche Intelligenz,2012,26(1):127-140.
[7]	Digioia G,Foglietta C,Oliva G,et al.Aware online interdependency modeling via evidence theory[J].International Journal of Critical Infrastructures,2013,6893:74-92.
[8]	Bazan J G,Bazan-Socha S,Buregwa-Czuma S,et al.Classifiers based on data sets and domain knowledge:A rough set approach[J].Intelligent Systems Reference Library,2013,43:93-136.
[9]	Sample C,Schaffer K.An overview of anomaly detection[J].IT Professional,2013,15(1):8-11.
[10]	王宏,龚正虎.一种基于信息熵的关键流量矩阵发现算法[J].软件学报,2009,20(5):1377-1383.Wang H,Gong Z H.Algorithm based on entropy for finding critical traffic matrices[J].Journal of Software,2009,20(5):1377-1383(in Chinese).
[11]	陈秀真,郑庆华,管晓宏,等.层次化网络安全威胁态势量化评估方法[J].软件学报,2006,17(4):885-897.Chen X Z,Zheng Q H,Guan X H,et al.Quantitative hierarchical threat evaluation model for network security[J].Journal of Software,2006,17(4):885-897(in Chinese).
[12]	Görnitz N,Kloft M,Rieck K,et al.Toward supervised anomaly detection[J].Journal of Artificial Intelligence Research,2013,46:235-262.
[13]	Erbachera R F,Frinckeb D A,Wongb P C,et al.A multi-phase network situational awareness cognitive task analysis[J].Information Visualization,2010,9(3):204-219.
[14]	韦勇,连一峰,冯登国.基于信息融合的网络安全态势评估模型[J].计算机研究与发展,2009,46(3):353-362.Wei Y,Lian Y F,Feng D G.A network security situational awareness model based on information fusion[J].Journal of Computer Research and Development,2009,46(3):353-362(in Chinese).
[15]	张勇,谭小彬,崔孝林,等.基于Markov博弈模型的网络安全态势感知方法[J].软件学报,2011,22(3):495-508.Zhang Y,Tan X B,Cui X L,et al.Network security situation awareness approach based on Markov game model[J].Journal of Software,2011,22(3):495-508(in Chinese).
[16]	谢丽霞,王亚超,于巾博.基于神经网络的网络安全态势感知[J].清华大学学报:自然科学版,2013,53(12):1750-1760.Xie L X,Wang Y C,Yu J B.Network security situation awareness based on neural networks[J].Journal of Tsinghua University:Science & Technology,2013,53(12):1750-1760(in Chinese).