漏洞预测下级联网络安全态势感知研究

Research on Cascaded Networks Security Posture Awareness under Vulnerability Prediction

级联网络的节点信誉度呈现较大差别,会出现较多随机漏洞,导致安全态势评估精度较低。为了提升级联网络安全态势感知精度,提出漏洞预测下级联网络安全态势感知算法。通过布隆过滤器过滤冗余安全态势要素,基于概率统计理论计算和更新节点信誉度,完成数据融合处理。创新性地通过漏洞预测算法实时预测未来漏洞数量,配合预定义的安全策略实施全局融合处理。基于贝叶斯攻击图集合,预测攻击者后续攻击行为。融合安全态势要素和攻击行为预测结果,并以此为依据计算级联网络安全态势,实现级联网络安全态势感知。测试结果表明,所提算法可以准确检测到网络中的全部攻击,报警次数和真实报警次数基本吻合,并可以获取高精度的级联网络安全态势级联融合感知结果。该算法在提升网络安全方面具有有效性和可行性。

The node reputation of cascaded networks present a large difference, and more random vulnerabilities will appear, which leads to a lower accuracy of security posture assessment. To improve the accuracy of security posture awareness of cascaded networks, the security posture awareness algorithm of cascaded networks under vulnerability prediction is proposed. The redundant security posture elements are filtered through Bloom filter, and the node reputation is calculated and updated based on probabilistic statistical theory to complete the data fusion processing. Innovatively, the number of future vulnerabilities is predicted in real time by the vulnerability prediction algorithm, and the global fusion processing is implemented with the predefined security policy. Based on the Bayesian attack graph collection, the attacker ’ s subsequent attack behavior is predicted . Fusion of security posture elements and attack behavior prediction results and based on this to calculate the cascaded networks security posture, to realize the cascaded networks security posture awareness. Test results show that the proposed algorithm can accurately detect all the attacks in the networks, the number of alarms and the real number of alarms basically match and can obtain high-precision cascaded networks security posture cascaded fusion sensing results. The algorithm is effective and feasible in enhancing network security.