检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]国网江西省电力科学研究院,江西南昌330096 [2]华东交通大学信息工程学院,江西南昌330013
出 处:《计算机仿真》2016年第6期270-273,共4页Computer Simulation
摘 要:对网络整体的安全态势进行评估可以时刻掌握网络的安全性,随着病毒入侵种类的增多,网络入侵数据呈现多样性,不同的网络入侵对整个网络的破坏程度是不同的,传统的评估方法以特定的权值描述不同的入侵对网络的破坏程度,在对这些评估结果进行权值相加,这种方法没有考虑入侵特征对网络破坏程度的模糊性,效果不佳。提出模糊识别与D-S证据理论的网络安全态势估计模型,采用网络安全态势估计模型对多样性入侵环境下,一级网络节点发送来的网络安全攻击事件状态具体值,进行模糊化处理,完成对网络安全事件状态的初步分类。将CERT的漏洞静态严重性分值和入侵检测系统的报警统计数据当成证据,通过D-S证据理论融合后得到网络漏洞态势值。分析主机的服务及服务权重得到服务安全态势及主机安全态势值,利用主机的安全态势值和权重确定网络安全态势值。仿真结果表明,改进模型结构更加完整,估计准确率更高。A model of network security situation evaluation was proposed based on fuzzy recognition and D - S ev- idence theory. An evaluation model of network security situation was used to make fuzzy processing for the specific value of the state of network security attack event sent from the primary network node under the environment of diver- sity intrusion, and to complete the preliminary classification of the state of network security event. The static severity score of CERT loophole and alarm statistics data of intrusion detection system were taken as the evidences. The situa- tion value of network vulnerability was obtained through the D -S evidence theory fusion. The host service and serv- ice weight were analyzed to obtain the service security situation and the host security situation value, meanwhile, the host security situation value and weight were used to determine the network security situation value. The simulation results show that the structure of improved model is more complete, and the estimation accuracy is higher.
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28