计算机应用与软件
計算機應用與軟件
계산궤응용여연건
COMPUTER APPLICATIONS AND SOFTWARE
2013年
12期
64-68
,共5页
网络安全%态势评估%隐马尔可夫模型%模糊层次分析
網絡安全%態勢評估%隱馬爾可伕模型%模糊層次分析
망락안전%태세평고%은마이가부모형%모호층차분석
Network security%Situation assessment%Hidden%Markov model%Fuzzy analytic hierarchy process
为了评估网络系统的实时安全态势,针对现有方法评估对象局限于服务主机、未综合考虑攻防两方面信息等局限性,建立了一种网络安全态势量化评估模型。模型自上而下包括网络系统、设备、设备节点、攻击四个层次,涵盖了网络系统中的所有资源,采用先局部后整体的评估策略。运用隐马尔可夫模型从攻击威胁与自身风险两方面对设备节点的安全状况进行评估,最后加权求和得出网络系统的整体安全态势。实验结果表明,该评估方法能较好地反映网络系统的态势走向。
為瞭評估網絡繫統的實時安全態勢,針對現有方法評估對象跼限于服務主機、未綜閤攷慮攻防兩方麵信息等跼限性,建立瞭一種網絡安全態勢量化評估模型。模型自上而下包括網絡繫統、設備、設備節點、攻擊四箇層次,涵蓋瞭網絡繫統中的所有資源,採用先跼部後整體的評估策略。運用隱馬爾可伕模型從攻擊威脅與自身風險兩方麵對設備節點的安全狀況進行評估,最後加權求和得齣網絡繫統的整體安全態勢。實驗結果錶明,該評估方法能較好地反映網絡繫統的態勢走嚮。
위료평고망락계통적실시안전태세,침대현유방법평고대상국한우복무주궤、미종합고필공방량방면신식등국한성,건립료일충망락안전태세양화평고모형。모형자상이하포괄망락계통、설비、설비절점、공격사개층차,함개료망락계통중적소유자원,채용선국부후정체적평고책략。운용은마이가부모형종공격위협여자신풍험량방면대설비절점적안전상황진행평고,최후가권구화득출망락계통적정체안전태세。실험결과표명,해평고방법능교호지반영망락계통적태세주향。
In order to estimate real-time security situation of the network , we build a quantified network security situation assessment mod-el aiming at the limitations of existing method that the evaluating objects are restricted to services hosts but not takes both the attack and de -fense information into consideration .The model has four levels from top to bottom , including the network system , equipments , equipment nodes and attacks , covers all resources in the network system , and the assessment strategy of “from part to whole” is adopted.The security condition of the equipments node is evaluated from both aspects of attacking threat and self risk based on hidden Markov model , and the whole security situation of network system is educed from weighted summarisation finally .Experimental results show that the method can well depict the situation trend of the network system .