共查询到20条相似文献,搜索用时 15 毫秒
1.
现有研究者采用威胁建模和安全分析系统的方法评估和预测软件定义网络(software defined network, SDN)安全威胁,但该方法未考虑SDN控制器的漏洞利用概率以及设备在网络中的位置,安全评估不准确。针对以上问题,根据设备漏洞利用概率和设备关键度结合PageRank算法,设计了一种计算SDN中各设备重要性的算法;根据SDN攻击图和贝叶斯理论设计了一种度量设备被攻击成功概率的方法。在此基础上设计了一种基于贝叶斯攻击图的SDN安全预测算法,预测攻击者的攻击路径。实验结果显示,该方法能够准确预测攻击者的攻击路径,为安全防御提供更准确的依据。 相似文献
2.
3.
基于改进贝叶斯正则化BP神经网络模型的网络安全态势预测方法研究 总被引:1,自引:0,他引:1
随着互联网的迅速发展,网络安全问题越来越严重,分析及预测网络安网络安全态势,对于网络安全具有重要意义。本文在网络安全态势量化的的基础上,改进贝叶斯算法,提出一种改进型贝叶斯正则化BP神经网络模型的网络安全态势预测方法,通过模拟网络环境进行数据分析,验证了该预测方法可以减小了训练误差和预测误差,提高了对网络安全态势预测精度,证明了该方法的可行性。 相似文献
4.
Aiming at analyzing the influence of multi-step attack,as well as reflecting the system’s security situation accurately and comprehensively,a network security situation evaluation method for multi-step attack was proposed.This method firstly clustered security events into several attack scenes,which was used to identify the attacker.Then the attack path and the attack phase were identified by causal correlation of every scene.Finally,combined with the attack phase as well as the threat index,the quantitative standard was established to evaluate the network security situation.The proposed method is assessed by two network attack-defense experiments,and the results illustrate accuracy and effectiveness of the method. 相似文献
5.
6.
In order to solve the problem of insufficient accuracy of current network security situation prediction methods,a new network security situation prediction model was proposed based on self-correcting coefficient smoothing.Firstly,a network security assessment quantification method was designed to transform the alarm information into situation real value time series based on the entropy correlation degree.Then,the adaptive solution of the static smoothing coefficient was calculated and the predicted initial value was obtained by using the variable domain space.Finally,based on the error category,the time-changing weighted Markov chain was built to modify the initial network situation prediction result and the prediction accuracy was further raised.The prediction model was tested with LL_DOS_1.0 dataset and the experimental results show that the proposed model has higher adaptability and prediction accuracy for network situation time series. 相似文献
7.
8.
To improve the accuracy of the network security situation, a security situation automatic prediction model based on accumulative data preprocess and support vector machine (SVM) optimized by covariance matrix adaptive evolutionary strategy (CMA-ES) is proposed. The proposed model adopts SVM which has strong nonlinear ability. Also, the hyper parameters for SVM are optimized through the CMA-ES which owns good performance in finding optimization automatically. Considering the irregularity of network security situation values, we accumulate the original sequence, so that the internal rules of discrete data can be revealed and it is easy to model. Simulation experiments show that the proposed model has faster convergence-speed and higher prediction accuracy than other extant prediction models. 相似文献
9.
《Digital Communications & Networks》2016,2(3):139-144
The security incidents ion networks are sudden and uncertain, it is very hard to precisely predict the network security situation by traditional methods. In order to improve the prediction accuracy of the network security situation, we build a network security situation prediction model based on Wavelet Neural Network (WNN) with optimized parameters by the Improved Niche Genetic Algorithm (INGA). The proposed model adopts WNN which has strong nonlinear ability and fault-tolerance performance. Also, the parameters for WNN are optimized through the adaptive genetic algorithm (GA) so that WNN searches more effectively. Considering the problem that the adaptive GA converges slowly and easily turns to the premature problem, we introduce a novel niche technology with a dynamic fuzzy clustering and elimination mechanism to solve the premature convergence of the GA. Our final simulation results show that the proposed INGA-WNN prediction model is more reliable and effective, and it achieves faster convergence-speed and higher prediction accuracy than the Genetic Algorithm-Wavelet Neural Network (GA-WNN), Genetic Algorithm-Back Propagation Neural Network (GA-BPNN) and WNN. 相似文献
10.
随着计算机网络技术的高速发展,互联网技术的应用越来越广泛.很快,由传统的防单机病毒,人们更加意识到网络安全的重要性.很多类型的攻击每天都在增加,保护计算机和网络安全是关键问题.MANET在计算机技术方面定义为移动自组网络的工作组,全称为Mobile Ad-hoc NETworks.本文描述了网络安全机密向量、网络安全完整性向量和网络安全可用性向量,并提出了MANET中的主要攻击类型. 相似文献
11.
针对目前传统入侵检测系统难以得出网络攻击行为之间存在的关联关系问题,以攻击图表示模型为指引,提出一种基于贝叶斯网络的攻击事件智能发掘模型。本文以先验知识建立贝叶斯攻击行为关联图。基于属性相似度聚合网络攻击行为,针对网络攻击场景设计高效的ExApriori算法发掘攻击行为间的关联规则,并建立攻击行为组集。利用贝叶斯攻击行为关联图的参数对攻击行为组集进行计算,实现对攻击事件的发掘。实验表明,本模型能有效提取网络攻击事件及发现攻击路径,为网络攻击事件的发现与应对措施提供理论支持和技术支撑。 相似文献
12.
13.
Multi-step attack detection method based on network communication anomaly recognition 总被引:1,自引:0,他引:1
In view of the characteristics of internal fixed business logic,inbound and outbound network access behavior,two classes and four kinds of abnormal behaviors were defined firstly,and then a multi-step attack detection method was proposed based on network communication anomaly recognition.For abnormal sub-graphs and abnormal communication edges detection,graph-based anomaly analysis and wavelet analysis method were respectively proposed to identify abnormal behaviors in network communication,and detect multi-step attacks through anomaly correlation analysis.Experiments are carried out on the DARPA 2000 data set and LANL data set to verify the results.The experimental results show that the proposed method can effectively detect and reconstruct multi-step attack scenarios.The proposed method can effectively monitor multi-step attacks including unknown feature types.It provides a feasible idea for detecting complex multi-step attack patterns such as APT.And the network communication graph greatly reduces the data size,it is suitable for large-scale enterprise network environments. 相似文献
14.
15.
传统电力网络攻击范围预测技术的预测范围不够广,导致电力网络安全性提升效果不明显。为此,提出基于细胞自动机模型的电力网络攻击预测技术。搭建电力细胞自动机模型,将细胞自动机中的细胞看作电力细胞,建立细胞活力值转换规则,将其与攻击者执行攻击概率相结合,预测电力细胞的发展变化。根据中心电力细胞及邻域电力细胞的变化趋势预测电力网络攻击。实验结果表明:在时间因素影响下,提出的基于细胞自动机模型电力网络攻击预测技术的预测攻击节点位置与原始节点基本一致,预测后负荷切除量始终在100 MW以下,本文所提技术的有效性更好。 相似文献
16.
Aiming at the problem of ignoring the impact of attack cost and intrusion intention on network security in the current network risk assessment model,in order to accurately assess the target network risk,a method of network intrusion intention analysis based on Bayesian attack graph was proposed.Based on the atomic attack probability calculated by vulnerability value,attack cost and attack benefit,the static risk assessment model was established in combination with the quantitative attack graph of Bayesian belief network,and the dynamic update model of intrusion intention was used to realize the dynamic assessment of network risk,which provided the basis for the dynamic defense measures of attack surface.Experiments show that the model is not only effective in evaluating the overall security of the network,but also feasible in predicting attack paths. 相似文献
17.
18.