摘要
文章分析和比较了目前的安全态势评估方法,提出了一种基于日志审计与性能修正算法的网络安全态势评估模型.首先利用日志审计评估节点理论安全威胁,并通过性能修正算法计算节点安全态势.然后利用节点服务信息计算网络安全态势,并且采用多种预测模型对网络安全态势进行预测,绘制安全态势曲线图.最后构建了一个网络实例,使用网络仿真软件对文中提出的态势评估模型和算法进行了验证.实验证明该方法切实有效,比传统方法更准确地反映了网络的安全态势和发展趋势.
This paper analyzes and compares the existing situational awareness methods and proposes a network security situational awareness model based on log audit and performance correction algorithm. First, nodes theoretic security threat is got by log audit and the value of nodes security situation is computed by performance correction algorithm. Then the value of network security situation is computed using service information, the future threat is predicted by several prediction models, and the Security Situational Graph (SSG) is drawn. Finally an example is given to validate the network security situational awareness model and algorithm by simulation software. The example proves that the model is more effective and accurate to reflect the network security situational and its trends than traditional methods.
出处
《计算机学报》
EI
CSCD
北大核心
2009年第4期763-772,共10页
Chinese Journal of Computers
基金
国家"八六三"高技术研究发展计划项目基金(2006AA01Z437
2007AA01Z475
2006AA01Z412
2006AA01Z433)资助~~
关键词
安全态势评估
日志审计
性能修正
安全态势曲线图
预测
security situational awareness
log audit
performance correction
security situational graph
predict