摘要
针对当前网络攻击环境的复杂性,攻击方法难预测的实际背景,提出将粒子群算法、关联规则、统计的方法和隐马尔科夫相结合,构成一个由粒子群算法优化的隐马尔科夫模型的复合攻击预测系统。该方法首先将原始报警信息进行冗余简化处理,再用关联规则和统计的方法确定状态转移矩阵和观察矩阵,并在参数优化中引入粒子群算法进行全局优化,最后用隐马尔科夫模型中的Forward算法和Viterbi算法对报警信息进行识别和预测。仿真实验验证了此方法的有效性。
In current complex cyber-attack environment,it is difficult to predict the actual attack method.Therefore, a multi-step attack forecasting system is formulated,which integrates PSO algorithm,association rules,statistical methods and hidden Markov model(HMM).Firstly,the original alarm information is simplified through redundancy technology. Then,the state transition matrix and observation matrix are determined using the association rules and statistical methods. And particle swarm optimization algorithm is introduced to achieve global parameter optimization.Finally alarm information is identified and predicted with the Forward algorithm and Viterbi algorithm of hidden Markov model.Simulation results show the effectiveness of this method.
出处
《通信电源技术》
2015年第3期69-71,共3页
Telecom Power Technology
关键词
粒子群
隐马尔科夫
复合攻击
全局优化
particle swarm
hidden Markov
multi-step attack
global optimization
