计算机工程与设计
計算機工程與設計
계산궤공정여설계
COMPUTER ENGINEERING AND DESIGN
2015年
7期
1706-1711
,共6页
李方伟%孙随%朱江%杨绍成
李方偉%孫隨%硃江%楊紹成
리방위%손수%주강%양소성
网络安全%报警事件%隐马尔可夫模型%量化分析%态势评估
網絡安全%報警事件%隱馬爾可伕模型%量化分析%態勢評估
망락안전%보경사건%은마이가부모형%양화분석%태세평고
network security%alarm events%hidden Markov model (HMM)%quantitative analysis%situation assessment
针对目前日益复杂的网络安全环境,提出一种基于隐马尔可夫模型(HMM )的态势评估方法。以入侵检测系统的输出(报警事件)为处理对象,采用隐马尔可夫随机过程作为分析手段,建立描述网络系统受到攻击后安全状态转移的隐马尔可夫模型;在此基础上,通过Baum‐Welch (BW)算法对模型参数进行优化,使用量化分析方法得到整个网络态势的定量评价。通过实验验证了该方法能比较准确地反映网络的安全态势,具有良好的应用前景。
針對目前日益複雜的網絡安全環境,提齣一種基于隱馬爾可伕模型(HMM )的態勢評估方法。以入侵檢測繫統的輸齣(報警事件)為處理對象,採用隱馬爾可伕隨機過程作為分析手段,建立描述網絡繫統受到攻擊後安全狀態轉移的隱馬爾可伕模型;在此基礎上,通過Baum‐Welch (BW)算法對模型參數進行優化,使用量化分析方法得到整箇網絡態勢的定量評價。通過實驗驗證瞭該方法能比較準確地反映網絡的安全態勢,具有良好的應用前景。
침대목전일익복잡적망락안전배경,제출일충기우은마이가부모형(HMM )적태세평고방법。이입침검측계통적수출(보경사건)위처리대상,채용은마이가부수궤과정작위분석수단,건립묘술망락계통수도공격후안전상태전이적은마이가부모형;재차기출상,통과Baum‐Welch (BW)산법대모형삼수진행우화,사용양화분석방법득도정개망락태세적정량평개。통과실험험증료해방법능비교준학지반영망락적안전태세,구유량호적응용전경。
To cope with the increasingly complex environment of network security ,a situation assessment method based on hid‐den Markov model (HMM) was proposed .The output of intrusion detection system (alarm events) was used as the object ,a hidden Markov random process was taken as an analytical tool ,and a HMM was established to describe the security state transi‐tion after the network system attack .On this basis ,the model parameters were optimized using Baum‐Welch (BW) algorithm , and a quantitative assessment of the situation of the entire network was obtained with quantitative analysis method .The results of the experiment show this method can more accurately reflect the network′s security situation ,and it has a favorable application prospect .