ELECTRONICS OPTICS & CONTROL
2015, Issue 1, pp. 39-44 (6 pages)
Keywords: network security; fuzzy evaluation; hidden Markov model; multi-stage attack; alarm information
Through a study of methods for forecasting multi-stage attacks, we propose a forecasting approach based on a fuzzy hidden Markov model (HMM) that integrates association rules, the fuzzy evaluation method and the hidden Markov model. First, the original alarm information is fused into hyper alarm information. Second, the initial state matrix is obtained from the initial probability distribution of the attack behaviors, the state transition matrix is determined according to the association rules, and the observation matrix is obtained by fuzzy evaluation. Finally, the attack scenario to which the alarm information belongs is recognized by the Forward algorithm of the HMM, and the next possible attack sequence is forecast by the Viterbi algorithm of the HMM. The results of simulation experiments verify the validity of this approach.