云平台下非连续威胁数据优化检测仿真  

作　　者：马国兵[1] 胡克勇 MA Guo-bing, HU Ke-yong(College of Computer Engineering, Qingdao University of Technology, Qingdao Shandong266520, Chin)

机构地区：[1]青岛理工大学计算机工程学院,山东青岛266520

出　　处：《计算机仿真》2018年第5期426-430,共5页Computer Simulation

基　　金：山东省自然科学基金项目(ZR2016FB21)

摘　　要：由于非连续威胁数据的非连续性,其属性及特征未能及时获取,使得威胁数据特征不全面。传统的检测方法,主要通过采集非连续威胁数据的特征进行检测,忽略了非连续性带来的不全面性,对检测结果的影响,导致相关数据检测成功率低,虚警率和漏警率均较高的问题。提出基于朴素贝叶斯分类的检测方法,在云平台下,采用层次结构构建非连续威胁数据的PSO辨识树;PSO辨识树中的每层代表对应等级的非连续威胁数据特征集,计算辨识树每层对应的信息熵,获取云平台下非连续威胁数据位节点对应的威胁概率属性信息增益,提取云平台下非连续威胁数据相关特征;通过分析非连续威胁数据各个特征属性,并进行样本集训练,构造朴素贝叶斯分类器,无需依赖攻击行为的先验知识就能够实现非连续威胁数据的优化检测。仿真结果证明,所提方法能够准确、有效地检测出云平台下非连续威胁数据的特征,提高了非连续威胁数据的检测成功率,同时降低了检测虚警率和漏警率。This article focuses on a detection method based on Naive Bayesian classification. On the cloud platform, the layered structure is used to construct PSO identification tree of non-continuous threat data. Each layer in PSO identification tree denotes feature set of non-continuous threat data in corresponding level. Firstly, information entropy corresponding to each layer of identification tree is calculated to get the attribute information gain of threat probability under non-continuous threat data corresponding to the node of data bit on cloud platform. Then, relevant features of non-continuous threat data on cloud platform are extracted. Through the analysis of each feature attribute of non-continuous threat data and the training of sample set, Naive Bayesian classifier is built. Thus, the optimization and detection of non-continuous threat data are achieved without prior knowledge of attack behavior. From simulation results, we can see that the proposed method can accurately and effectively detect characteristics of discontinuous threat data on the cloud platform, which improves the success rate of detection and reduces the false alarm rate and missing alarm rate.

关 键 词：云平台 非连续 威胁数据 优化 检测 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]