摘要
当网络系统遭受拒绝服务Dos攻击时,导致网络系统崩溃,不能提供核心的或者基本的服务,降低了网络数据的机密性与完整性,导致传统方法进行网络容忍入侵能力评估时,无法从这些存在安全隐患的网络数据中选择正常的数据,导致估计模型误差大的问题。提出基于半马尔可夫的网络容忍入侵能力估计的建模方法。利用马尔可夫链算法建立半马尔可夫网络容忍入侵能力模型,获取处于完整性状态的模型稳定概率,在依据入侵对网络系统造成的影响和入侵容忍的功能,构建网络信息机密度、网络信息完整度、系统自律度、服务可用度多项网络容忍入侵能力估计指标并进行定量计算,动态估计出网络容忍入侵能力,建立网络容忍入侵能力估计模型。仿真结果表明,采用改进的方法建立的网络容忍入侵能力估计模型误差小,能准确的估计出实时网络容忍入侵能力。
In this paper, we proposed an evaluation modeling method of network tolerating invasion ability based on Semi-Markov. Firstly, we built tolerating invasion ability model to obtain stability probability of model in integrity status using the Markov chain. Then we constructed multi-term index of tolerating invasion ability, such as network information machine density, integrity, system autonomy and service availability, and carried out quantitative calculation according to influence on network system of invasion and function of tolerating invasion. Finally, we estimated the tolerating invasion ability dynamically and build the estimation model. The simulation results show that the evaluation model based on the modified method has small error. It can evaluate the real-time tolerating invasion ability accurately.
出处
《计算机仿真》
CSCD
北大核心
2016年第7期289-292,共4页
Computer Simulation
关键词
入侵容忍
估计
半马尔可夫
Invasion tolerance
Evaluation
Semi-Markov