Network Security Events Analyze Method Based on Neural Networks and Genetic Algorithm

Cited by: 14
Abstract: Traditional network security event analysis methods depend heavily on human intervention. To address this problem, an automatic and self-adaptive method is presented. Neural network models are used to analyze the data produced by multiple heterogeneous event sources and to classify the security events automatically according to different attack scenarios, which reduces human intervention. Rule items are extracted from the classification results, and correlation rules for the different attack scenarios are generated automatically from these items using a genetic algorithm. Experiments demonstrate that the method can classify network security events and generate correlation rules automatically, so that the degree of automation is improved. It is an effective enhancement and improvement to the traditional methods.
Source: Journal of Beijing University of Posts and Telecommunications (indexed in EI, CAS, CSCD, Peking University Core), 2015, Issue 2, pp. 50-54, 5 pages in total
Funding: National Natural Science Foundation of China (61202082, 61121061); Beijing University of Posts and Telecommunications Youth Research and Innovation Program special project (2012RC0219, 2012RC0311); National Science and Technology Support Program (2012BAH37B05)
Keywords: network security events analyze; neural network; genetic algorithm; correlation rules