RSAR-based Random Forest Network Security Situation Factor Extraction (cited by: 10)
Abstract: Extracting network security situation elements is the prerequisite groundwork for network security situational awareness, and it is one of the key tasks that directly affect the performance of a network security situational awareness system. To address the difficulty of extracting situation elements in complex, heterogeneous network environments, this paper proposes a random forest method for network security situation element (factor) extraction based on Rough Set Attribute Reduction (RSAR). The method first uses rough set theory to determine the importance of each attribute in the data set, reduces the attributes of low importance, and deletes redundant attributes; it then trains a random forest classifier on the reduced data set. To verify the effectiveness of the proposed method, it is tested experimentally on an intrusion detection data set. The experimental results show that, compared with traditional extraction methods, the method effectively improves the accuracy of situation element extraction and extracts network security situation elements efficiently.
Authors: DUAN Yongcheng (段詠程); WANG Yuqing (王雨晴); LI Xin (李欣); YANG Le (杨乐) (College of Information Technology and Network Security, People's Public Security University of China, Beijing 100038, China; Key Laboratory of Security Prevention Technology and Risk Assessment, the Ministry of Public Security, Beijing 100038, China)
Source: Netinfo Security (《信息网络安全》), CSCD, Peking University Core Journal, 2019, No. 7, pp. 75-81 (7 pages)
Funding: National Key Research and Development Program of China [2017YFC0803700]; Ministry of Public Security Special Project on Basic Work for Strengthening Policing through Science and Technology [2017GABJC38]
Keywords: situational awareness; situation factor extraction; random forest; rough set