网络系统资源数据的脆弱性漏洞防御控制仿真

当前漏洞防御控制方法存在着无法准确区分数据类型或脆弱性,需要较高的能量消耗和难以抵御某些未知攻击等不足。针对这些不足,提出网络系统资源数据脆弱性漏洞防御控制方法。根据属性划分网络系统运行数据和历史资源,属性划分后根据漏洞特征相关参数构建强关联规则,结合脆弱性漏洞辨识矩阵和数据关联规则构建漏洞检测模型;计算脆弱性漏洞利用难度,将防御任务优选问题描述为防御成本不高于给定值的条件下,获取造成最小损失的防御措施集的过程。把防御任务优选多目标优化问题转换成单目标优化问题,采用改进的蚁群算法求解优化问题,生成最优防御控制方案。实验结果表明,所提方法可以有效防御已知数据攻击和大部分未知数据攻击,且所需能耗较低。

Vulnerability of Vulnerability Defense Control Simulation of Network System Resource Data

Currently, the methods cannot accurately distinguish data types or vulnerabilities. In this paper, we put forward a method to control and defend vulnerability loophole of network resource data. According to the attributes, we divided the network system operation data and historical resource. After the attribute division, the strong association rule was constructed by the relevant parameters of loophole characteristics. Then, we combined the vulnerability discernibility matrix with the data association rule to construct the loophole detection model. Moreover, we calculated the use difficulty of vulnerability loophole. Meanwhile, we described the problem about selective preference of defense task as the process to obtain the set of defensive measures that caused the minimum loss when the defense cost was not higher than the given value. In addition, we transformed the problem about multi-objective optimization for selective preference of defense task into the problem about the single-objective optimization. Finally, we used the improved ant colony algorithm to solve the optimization problem and thus to generate the optimal scheme of defense control. Simulation results show that the proposed method can effectively defend the known data attacks and most unknown data attacks. Meanwhile, the energy consumption is low.