期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于DS理论与层次权重的网络安全风险评估 被引量:4

DS THEORY AND HIERARCHICAL WEIGHT BASED NETWORK SECURITY RISK ASSESSMENT
下载PDF
导出
摘要 为了能够自动地对当前网络安全态势进行评估,提出一种层次化的网络安全风险评估方法。其原理是:首先,基于DS证据理论对报警数据进行关联融合;然后,基于权重数值分析法和层次分析技术,自下而上、由局部到整体地计算各个层级的安全态势值。基于真实网络环境的实验结果表明,该方法的评估结果准确性比较高,而且基于分层方法的安全态势表示方法更加直观、易于理解。与现有方法相比,该方法强化了报警数据的证据力度,克服了目前层次式评估系统模糊处理能力不强的缺点。 In order to automatically assess the present network security situation, the authors propose a hierarchical network security risk assessment methodology. Its principles are as follows : first, DS theory is laid as the foundation for correlatively fusing alert data ; then, based on weight value analytical methodology and hierarchical analysis technique, from bottom to top and from local to global, it calculates the security situation value for every hierarchical layer. Experiments based on real network environment illustrate that the assessment results are more accurate;furthermore,the hierarchical methodology based security situation presentation methodology is more straightforward and understandable. Compared with existing methods,the proposed method not only intensifies the evidence about alert data but also overcomes the weakness of present hierarchical assessment systems at fuzzy treating.
作者 张焱 黄曙光 汪永益
机构地区 电子工程学院网络系
出处 《计算机应用与软件》 CSCD 2011年第11期294-297,共4页 Computer Applications and Software
关键词 DS 层次分析 决策 DS( Dempster shafer) Hierarchical analysis Decision making
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献12

  • 1Bass T. Intrusion detection systems and multisensor data fusion [ J ]. Communications of the ACM ,2000,43 (4) :99-105.
  • 2Wang Huiqiang,LAI Jibao,YING Hang. Network security situation awareness based on heterogeneous multi-sensor data fusion and neural network [ C ]//Second International Multisymposium on Computer and Computational Sciences. 2007. Piscataway: Inst. of Elec. and Elec. Eng. Computer Society ,2007:352 - 359.
  • 3韦勇,连一峰.基于日志审计与性能修正算法的网络安全态势评估模型[J].计算机学报,2009,32(4):763-772. 被引量:97
  • 4张勇,谭小彬,崔孝林,奚宏生.基于Markov博弈模型的网络安全态势感知方法[J].软件学报,2011,22(3):495-508. 被引量:109
  • 5赖积保,王颖,王慧强,郑逢斌,周兵.基于多源异构传感器的网络安全态势感知系统结构研究[J].计算机科学,2011,38(3):144-149. 被引量:24
  • 6Endsley M. Design and evaluation for situation awareness enhancement [ C ]//Proceedings of the Human Factors Society 32nd Annual Meeting. 1988. CA: Human Factors and Ergonomics Society, 1988:97 - 101.
  • 7Liu Mixi, Yu Dongmei, Zhang Qiuyu et al. Network security situation assessment based on data fusion [ C]//Workshop on Knowledge Discovery and Data Mining. 2008. Adelaide : Inst. of Elec. and Elec. Eng. Computer Society,2008:542 - 545.
  • 8Sentz K, Ferson S. Combination of evidence in dempster-shafer theory, SAND2000 -0835 [R]. Washington:Unlimited Release,2002.
  • 9Mei Haibin, Gong Jian. Intrusion alert correlation based on d-s evidence theory[C]//Proceedings of the Second International Conference on Communications and Networking in China. 2007. Piscataway : Institute of Electrical and Electronics Engineers Inc. ,2008:377 -381.
  • 10TIAN Junfeng,ZHAO Weidong, DU Ruizhong. D-S evidence theory and its data fusion application in intrusion detection [J]. Lecture Notes in Computer Science,2006,3802 ( 11 ) :244 - 251.

二级参考文献20

共引文献484

同被引文献49

  • 1陈秀真,郑庆华,管晓宏,林晨光.层次化网络安全威胁态势量化评估方法[J].软件学报,2006,17(4):885-897. 被引量:341
  • 2Bass T.Intrusion systems and multisensor data fusion:creating cyber-space situational awareness[J].Communications of the ACM,2000,43(4):99-105.
  • 3Yroik W.Visualizing NetFIows for Security at Line Speed:The SIFTTool Suite[C]//19th Usenix Large Installation System AdministrationConference(LISA),San Diego,CA USA,Dec.2005.
  • 4Stephen L.The Spinning Cube of Potential Doom[J].CommunicationsACM,2004,47(6):25-26.
  • 5Huiqiang W,Liang Z,Jibao L.Study of Network Security SituationAwareness Model Based on Simple Additive Weight and Grey Theory[C]//Proceedings of 2006 International Conference on ComputationalIntelligence and Security,ICCIAS2006.Harbin,China:Harbin IndustrialUniversity,2006:1545-1548.
  • 6Batsel S G1Rao I N S,Shankar M.Distributed Intrusion Detection andAttack Containment for Organizational Cyber Security[EB/OL].http://www.ioc.om.l gov/projects/ documents/containment,pdf.2005.
  • 7Dempster A P.Upper and lower probabilities induced by a multi-valuedmapping[J].Ann Math Statist,1967,38(2):325-339.
  • 8Yager R.On the dempster-shafer framework and new combination rules[J].Information Sciences,1987,41(2):93-137.
  • 9中国互联网络信息中心.第31次中国互联网络发展状况统计报告[EB/OL]. http://www.cnnic.net.cn/hlwfzyj/hlwxzbg/hlwtjb/201403/ t20140305_46239.htm, 2014-03-05..
  • 10Tim Bass. Intrusion Detection Systems and Multi sensor Data Fusion:Creating Cyberspace Situational Awareness[J].{H}Communications of the ACM,2000,(4):99-105.

引证文献4

二级引证文献30

计算机应用与软件
2011年 第11期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部