检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]西安电子科技大学计算机网络与信息安全教育部重点试验室,西安710071 [2]河北科技大学信息科学与工程学院,石家庄050054
出 处:《计算机学报》2009年第4期784-792,共9页Chinese Journal of Computers
基 金:国家“八六三”高技术研究发展计划项目基金(2007AA01Z429,2007AA01Z405);国家自然科学基金重点项目(60633020);国家自然科学基金(60573036,60702059,60503012,60803150,60743005);陕西省“13115”科技创新工程重大科技专项基金(2007ZDKG-56)资助~~
摘 要:利用系统访问控制关系,定义了主体、客体两个偏序结构和二者间的映射关系,建立了分层映射内部威胁模型;利用此模型定义了表征系统内部威胁状态的内部威胁云模型,并设计了基于云模型的感知算法,实现了对系统内部威胁的评测感知.基于云模型的内部威胁感知算法,利用云模型从多角度将系统的定性、定量内部威胁特征融合分析、决策,克服了原有方法不能同时定量定性分析内部威胁的缺陷,提高了感知的准确性和客观性.实验结果表明,此算法能够实时、有效地感知系统的内部安全威胁.Using the access control relationship, the partial-order structures of subjects and objects in the system and their mapping relationship are defined, and a hierarchy-mapping based insider threat model is developed on these definitions. Then, this model is applied to build a cloud model which characterizes the states of insider threat in the system. Based on the proposed cloud model, an algorithm, which improves the accuracy and objectivity in evaluation, is also designed for sensing the insider threat in the system. Compared to the previous works, the algorithm could analyze threats of the system in various respects and makes decision qualitatively and quantitatively. As a result, the experiments show that the algorithm could effectively sense the insider threat in real-time.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.69
