資源描述:
《基于信息融合的網(wǎng)絡(luò)安全態(tài)勢(shì)評(píng)估模型.pdf》由會(huì)員上傳分享,免費(fèi)在線閱讀��,更多相關(guān)內(nèi)容在教育資源-天天文庫(kù)��。
1�、萬(wàn)方數(shù)據(jù)計(jì)算機(jī)研究與發(fā)展ISSN1000-12391CN11—1777/TPJournalofComputerResearchandDevelopment46(3):353—362,2009基于信息融合的網(wǎng)絡(luò)安全態(tài)勢(shì)評(píng)估模型韋勇連一峰馮登國(guó)(中國(guó)科學(xué)技術(shù)大學(xué)電子工程與信息科學(xué)系合肥230027)(中國(guó)科學(xué)院軟件研究所信息安全國(guó)家重點(diǎn)實(shí)驗(yàn)室北京100190)(weiyong@is.iscas.a(chǎn)c.cn)ANetworkSecuritySituationalAwarenessModelBasedonInformationFusion
2��、WeiYong�,LianYifeng,andFengDengguo(DepartmentofElectronicEngineeringandInformationScience����,UniversityofScienceandTechnologyofChina,Hefei230027)(StateKeyLaboratoryofInformationSecurity�����,InstituteofSoftzvare��,ChineseAcademyofSciences,Beijing100190)AbstractSecuritysituationa
3���、lawarenesshasbecomeahottopicintheareaofnetworksecurityresearchinrecentyears�����,whichattractstheinterestofmoreandmoredomesticandforeignresearchers.Theexistingsecuritysituationalawarenessmethodsareanalyzedandcomparedindetail.Consideringthecharacteristicsofmulti—sourceinfor
4�����、mationinnetworksecurityresearch.a(chǎn)newnetworksecuritysituationalawarenessmodelbasedoninformationfusionisproposed.Thismodelfusesmulti-sourceinformationfromamassoflogsbyintroducingthemodifiedD—Sevidencetheory�,getsthevaluesofnodessecuritysituationalawarenessbysituationalfa
5�、ctorsfusionusingattacksthreatandvulnerabilityinformationwhichnetworknodeshaveandsuccessfulattacksdependon,computesthevalueofnetworksecuritysituationalawarenessbynodessituationfusionusingserviceinformationofthenetworknodes��,anddrawsthesecurity-situation-graphofnetwork.T
6����、hen,itanalyzesthetimeseriesofthecomputingresultsbyARMAmodeltOforecastthefuturethreatinnetworksecurity.FinallyanexampleofactualnetworkdatasetsisgiventovalidatethenetworksecuritysituationalawarenessmodeIandalgorithm.Theresultsshowthatthismodelandalgorithmismoreeffective
7��、andaccuratethantheexistingsecuritysituationalawarenessmethods.Keywordssecuritysituationalawareness�����;informationfusion;D—Sevidencetheory���;timeseriesanalysis;forecast摘要安全態(tài)勢(shì)評(píng)估是近年來(lái)國(guó)內(nèi)外在網(wǎng)絡(luò)安全領(lǐng)域的研究熱點(diǎn)之一.對(duì)已有的安全態(tài)勢(shì)評(píng)估方法進(jìn)行了詳細(xì)分析和比較�����,針對(duì)網(wǎng)絡(luò)安全中多數(shù)據(jù)源的特點(diǎn)�����,提出基于信息融合的網(wǎng)絡(luò)安全態(tài)勢(shì)評(píng)估模型����,引入改進(jìn)的D—S證據(jù)理論將多數(shù)據(jù)源信
8、息進(jìn)行融合��,利用漏洞信息和服務(wù)信息�,經(jīng)過(guò)態(tài)勢(shì)要素融合和節(jié)點(diǎn)態(tài)勢(shì)融合計(jì)算網(wǎng)絡(luò)安全態(tài)勢(shì),繪制安全態(tài)勢(shì)曲線圖��,同時(shí)對(duì)態(tài)勢(shì)計(jì)算結(jié)果進(jìn)行時(shí)間序列分析����,從而實(shí)現(xiàn)網(wǎng)絡(luò)安全趨勢(shì)的預(yù)測(cè).最后利用網(wǎng)絡(luò)實(shí)例數(shù)據(jù)�,對(duì)所提出的網(wǎng)絡(luò)安全態(tài)勢(shì)評(píng)估模型和算法進(jìn)行了驗(yàn)證���,結(jié)果表明該
