Simulation of Potential Network Threat Detection Based on Analysis of Past Intrusion Features  Cited by: 16

Based on Feature Analysis of Past Invasion Threat Detection Potential Network Simulation


Authors: Hu Haifeng[1] Zhou Gaiyun[2] Liu Yunxia[3]

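Affiliations: [1] School of Computer Science and Technology, Pingdingshan University, Pingdingshan, Henan 467000 [2] School of Software, Pingdingshan University, Pingdingshan, Henan 467000 [3] School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, Hebei 430074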

Source: Computer Simulation (《计算机仿真》), 2016, Issue 2, pp. 322-325 (4 pages)

Funding: 2014 Henan Province Key Science and Technology Research Project (142102210225)

Abstract: When detecting potential network threats, the characteristics of intruding subjects are mostly similar and the threat targets are dispersed. As a result, the intrusion features collected by traditional network threat detection methods are highly similar to one another, so the state of an intrusion event cannot be detected effectively and the missed-detection rate is too high. A potential network threat detection method based on analysis of past intrusion features is proposed, in which the potential network threat process is simulated with a finite automaton model. The security problem caused by a potential network threat event is treated as an extended finite state automaton, and the potential network threat model and its state transition diagram are given. The set of potential network threat targets is obtained through computation tree logic. A hierarchical mapping relation model is derived from the relationship between network operators and operation behaviors and is then fused to obtain the features of past intrusion operation behaviors and the threat features of network operation behaviors. The past intrusion feature parameters are used as the input data of the potential network threat detection model, and a potential threat threshold is set, which effectively achieves detection of potential network threats. Simulation results show that the proposed method has high detection accuracy.

Keywords: past; intrusion features; potential; network threats

Classification: TP391 [Automation and Computer Technology: Computer Application Technology]

 
