| 基于证据理论物联网安全态势感知方法研究 |
| |
| 作者姓名: | 李剑 董廷鲁 李劼 |
| |
| 作者单位: | 1. 北京邮电大学人工智能学院,北京 100876;2. 北京邮电大学计算机学院(国家示范性软件学院),北京 100876 |
| |
| 基金项目: | 国家自然科学基金(61472048) |
| |
| 摘 要: | 社会物联网技术迅速发展,安全问题日益严重,对简便易用的物联网安全态势感知方法进行了研究.针对当前物联网安全态势感知系统缺乏通用性、过分依赖专家知识的缺点,提出了一种基于改进D-S证据理论的物联网安全态势感知方法.利用模糊高斯隶属函数计算漏洞信息隶属度矩阵,归一化后作为证据分布矩阵;利用改进Topsis方法衡量证据可信度...
|
| 关 键 词: | D-S证据理论 态势感知 物联网安全 时间演化 通用漏洞评分系统 |
Research on IoT security situation awareness method based on evidence theory |
| |
| Authors: | Jian LI Tinglu DONG Jie LI |
| |
| Affiliation: | 1. School of Artificial Intelligence, Beijing University of Posts and Telecommunications, Beijing 100876, China;2. School of Computer Science(National Pilot Software Engineering School), Beijing University of Posts and Telecommunications, Beijing 100876, China |
| |
| Abstract: | The security problem of IoT became more and more serious with its rapid development.Considering that the current IoT security situation awareness system lacks generality and excessively relies on expert knowledge, a IoT security situation awareness method based on improved D-S evidence theory was proposed in this paper.Fuzzy Gaussian membership function was used to calculate the vulnerability information membership matrix, which was normalized as evidence distribution matrix.The improved Topsis method was used to measure the evidence credibility.In order to fully restrain the credibility of conflicting evidence and improve the credibility of mutually supporting evidence, local credibility between two evidence was aggregated and the expected positive and negative solution vectors were improved according to the situation assessment scenario.And the weighted average method was used for vulnerability information fusion, to obtain the result of situational assessment.The result of situational awareness was fused with the time discount and high-risk vulnerability information discount evidence theory.At the same time, the IoT vulnerability information at different moments was considered comprehensively, the evidence was adaptively and dynamically weighted with the ratio information of high-risk vulnerability.The experimental results show that in the fusion of different numbers of evidence bodies and four common conflicting evidence, the improved Topsis method has higher fusion probability on credible proposition.In the aspect of situation assessment, the risk degree of current system is accurately assessed.And in the aspect of situational awareness, this discount evidence theory can predict the probability of high risk and critical risk, which is more effective than the traditional D-S evidence theory.According to this theory, a IoT security situational awareness method process was proposed, which would be used to guide engineering practice.In the future, the relationship between vulnerabilities can be considered and richer information between vulnerabilities can be extracted for vulnerability exploiting, so that the result of situation assessment is more accurate and reasonable.On the other hand, for situational awareness, game theory can be adopted in the process of dynamic game between the attacker and defender. |
| |
| Keywords: | D-S evidence theory situation awareness IoT security time evolution CVSS |
|
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
|
