基于LSSVM混淆矩阵和改进DS合成的多源传感器网络安全态势预测

Prediction for Network Security Situation Based on LSSVM Confusion Matrix and Improved DS Rules

针对现有的网络安全态势预测方法正确性和合理性难以得到保证,同时不能有效应对不确定情况的问题,设计了一种基于最小二乘支持向量机和改进证据理论的网络安全态势预测方法;首先,将由多源传感器采集的历史标记数据作为样本数据,实现对LSSVM的训练,然后,将当前采集的数据输入LSSVM进行分类,并通过混淆矩阵获得数据对应每个类的概率,为了有效地对采集的数据进行进一步融合,将各类转换为证据,同时将数据相对每个类的概率作为证据的基本信度分配,采用改进的DS证据合成规则对各证据进行融合,实现对网络安全态势的预测,最后,设计了基于LSSVM和改进DS证据合成规则的网络安全状态预测算法;在MATLAB环境下进行实验,实验表明了文中方法能对网络的安全态势进行实时精确的预测,与其它方法相比,具有更高的预测精度,是一种可行的网络安全态势预测方法。

Aiming at the accuracy and soundness of given network security prediction method not being guaranteed and coping with uncertainty problem, a network security situation prediction method based on LSSVM （Least square support vector machine） and improved evidence theory is proposed. Firstly, the history label data is used to train LSSVM, then the current obtained data is input to the LSSVM to get the classification, and the confusion matrix is used to get the probability of the data attributing to the every classification, in order to fuse the data further, all the classification is transformed to the evidence, and the probability for data attributing to the classification is used as the basic probability assignment allocation, using the improved DS evidence synthesis rule to realize the fusion of evidence and the prediction of network security situation. Finally, the algorithm based on LSSVM and improved DS evidence synthesis rule is proposed. The experiment is implemented in MATLAB environment, the experiment shows the method in this paper can realize the accurate prediction for network security situation, and compared with the other methods, it has higher prediction accuracy, so it is a feasible network security situation prediction method.