
Hierarchical Awareness of Network Security Situation Based on Multi-source Fusion (cited by: 7)

Abstract: Network security situation awareness is a security technology that has emerged in recent years. It has attracted wide attention because it addresses problems that traditional security technologies handle poorly, such as reliance on a single data source and a high false alarm rate, and because it improves the dynamic understanding of the overall security situation. Building on existing research, a hierarchical network security situation awareness model based on multi-source fusion is proposed. The model uses an ant colony D-S evidence combination rule to handle multi-source fusion, which reduces the strong subjectivity in assigning situation parameters. A neural network is used to search for the key features of security events, which reduces data dimensionality, avoids dimension explosion and improves real-time performance. Finally, a hierarchical awareness algorithm maps discrete alarms to dynamic threat trends, improving the capacity for quantitative analysis of network security. Simulation results show that the proposed algorithm improves the detection rate, lowers the false alarm rate, and can dynamically monitor the evolution of network security threats.
Source: Computer Technology and Development (《计算机技术与发展》), 2016, No. 10, pp. 77-82 (6 pages)
Funding: Shandong Province Higher Education Science and Technology Program (J11LG09)
Keywords: network security situation awareness; data fusion; ant colony optimization; neural network; feature selection
