计算机工程与应用
計算機工程與應用
계산궤공정여응용
COMPUTER ENGINEERING AND APPLICATIONS
2015年
17期
96-101
,共6页
陈虹%王飞%肖振久%孙丽娜
陳虹%王飛%肖振久%孫麗娜
진홍%왕비%초진구%손려나
网络安全态势评估%主机安全态势%链路安全态势%D-S证据理论
網絡安全態勢評估%主機安全態勢%鏈路安全態勢%D-S證據理論
망락안전태세평고%주궤안전태세%련로안전태세%D-S증거이론
network security situation evaluation%host security situation%link security situation%D-S evidence theory
网络安全态势评估是目前网络安全领域的研究热点之一。对国内外已有的网络安全态势评估方法进行了分析和比较,提出一种融合多源数据的网络安全态势定量评估模型。同时考虑主机和链路对网络安全态势的影响,将网络安全态势指标归纳为主机安全指标和链路安全指标。采用改进D-S证据理论融合日志记录、告警信息和其他探针数据,得到精简的主机安全事件集合和链路安全事件集合。依据相应的服务信息分别计算主机安全态势和链路安全态势,实现网络安全态势定量评估。通过网络仿真软件构建网络实例,对所提出的网络安全态势评估模型进行了验证,实验结果表明该模型可以准确地对网络安全态势进行定量评估,评估结果能够客观地反映网络安全态势的变化趋势。
網絡安全態勢評估是目前網絡安全領域的研究熱點之一。對國內外已有的網絡安全態勢評估方法進行瞭分析和比較,提齣一種融閤多源數據的網絡安全態勢定量評估模型。同時攷慮主機和鏈路對網絡安全態勢的影響,將網絡安全態勢指標歸納為主機安全指標和鏈路安全指標。採用改進D-S證據理論融閤日誌記錄、告警信息和其他探針數據,得到精簡的主機安全事件集閤和鏈路安全事件集閤。依據相應的服務信息分彆計算主機安全態勢和鏈路安全態勢,實現網絡安全態勢定量評估。通過網絡倣真軟件構建網絡實例,對所提齣的網絡安全態勢評估模型進行瞭驗證,實驗結果錶明該模型可以準確地對網絡安全態勢進行定量評估,評估結果能夠客觀地反映網絡安全態勢的變化趨勢。
망락안전태세평고시목전망락안전영역적연구열점지일。대국내외이유적망락안전태세평고방법진행료분석화비교,제출일충융합다원수거적망락안전태세정량평고모형。동시고필주궤화련로대망락안전태세적영향,장망락안전태세지표귀납위주궤안전지표화련로안전지표。채용개진D-S증거이론융합일지기록、고경신식화기타탐침수거,득도정간적주궤안전사건집합화련로안전사건집합。의거상응적복무신식분별계산주궤안전태세화련로안전태세,실현망락안전태세정량평고。통과망락방진연건구건망락실례,대소제출적망락안전태세평고모형진행료험증,실험결과표명해모형가이준학지대망락안전태세진행정량평고,평고결과능구객관지반영망락안전태세적변화추세。
Network security situation assessment is one of the hottest topics in the field of network security. After analyz-ing and comparing the existing network security situation assessment methods at home and abroad, it proposes a network security situation quantitative assessment model fusing multi-source data. Considering the affection that the hosts and links have on the network security situation, network security situation indicators are grouped into host security indicators and link safety indicators. The streamlined host security event set and link security event set are gotten by using the im-proved D-S evidence theory to fuse logging, alarm, and other probe data. Network security situation quantitative assess-ment is implemented by computing the host security situation and the link security situation based on the corresponding service information. An instance is given to validate the proposed network security situation assessment model by network simulation software. Experimental results show that the model can accurately achieve the network security situation quan-titative evaluation, and the assessment results can objectively reflect the trend of network security situation.