摘要
针对目前网络安全态势评估大多存在信息来源单一、评估范围有限、模型不易构建、时空开销大且可信度较低等问题,提出了一种多源异构信息融合量化评估网络安全态势的方法。首先,构建分级朴素贝叶斯分类器,快速高效地融合主机上各多源异构非确定性信息源。然后,利用拉普拉斯原理平滑参数学习,优化分类与推理结果。使用数理统计的方法融合网络上各主机的安全指数,量化评估网络安全态势,对当前网络安全状况有一个宏观整体的认识。最后,通过真实网络环境的实验,验证了所提方法在网络安全态势评估中的可行性和有效性。
Concerning the problem that current network security situation assessment has the characteristics of single information source, limited assessment scope, not easy to build model, high time and space complexity and not high credibility, a new method of network security situation assessment is proposed based on multi-source and heterogeneous information fusion. A hierarchical naive Bayesian classifier was constructed based on the theory of Laplace' s principle for smoothing parameter learning in order to optimize the result of classification and inference. The quantization for the network security situation was assessed using the method of mathematical statistics, which can generate every host security index through information fusion. The current network security situation should be understood overall and macroscopically. The feasibility and effectiveness of the proposed method for network security situation assessment are verified by the experiments in real network environment.
出处
《北京航空航天大学学报》
EI
CAS
CSCD
北大核心
2016年第8期1593-1602,共10页
Journal of Beijing University of Aeronautics and Astronautics
基金
国家自然科学基金(61379057
61309027
61073186)
湖南省自然科学基金(2016JJ5034)~~
关键词
多源异构
信息融合
网络安全态势
量化评估
朴素贝叶斯
multi-source and heterogeneous
information fusion
network security situation
quantitative assessment
naive Bayesian
