基于分级优化置信规则库的网络安全态势预测方法  被引量：11

作　　者：胡庆爽 李成海[2] 路艳丽[2] 宋亚飞[2] HU Qingshuang;LI Chenghai;LU Yanli;SONG Yafei(Graduate School,Air Force Engineering University,Xi’an 710051,China;College of Air and Missile Defense,Air Force Engineering University,Xi’an 710051,China)

机构地区：[1]空军工程大学研究生院,西安710051 [2]空军工程大学防空反导学院,西安710051

出　　处：《计算机工程》2020年第12期127-133,共7页Computer Engineering

基　　金：国家自然科学基金(61703426);中国博士后科学基金(2018M633680);陕西省高校科协青年人才托举计划(20190108)。

摘　　要：基于置信规则库的网络安全态势预测将定性经验知识与定量网络数据结合,具有较好的预测效果,但当训练数据分布不均时,传统整体优化的预测方法易导致过拟合造成预测精度较低。为此,利用置信规则库中规则作用范围有限的特性,提出一种将置信规则库分级优化的网络安全态势预测方法。建立模型作用空间并划分规则作用域,将训练数据按照输入坐标分配到对应的规则作用域,通过设定临界值将规则划分为可完全优化、可部分优化与不可优化3个等级,同时减少规则中待优化参数量。实验结果表明,与GAO-BRB、PSO-BRB等预测方法相比,本文方法能有效避免过拟合现象,网络安全态势预测精度更高。The Network Security Situation Prediction(NSSP)based on the Belief Rule Base(BRB)combines qualitative empirical knowledge with quantitative network data,and has good prediction effect.However,when the training data is not evenly distributed,the traditional prediction method for overall optimization tend to cause overfitting,which leads to a low prediction accuracy.To address the problem,this paper considers the limited scope of rules in the BRB,and proposes a NSSP method based on Hierarchically Optimized Belief Rule Base(HOBRB).The action space of the model is established and the rule scope is divided.Then the training data is allocated to the corresponding rule scope according to the input coordinates.By setting the critical value,the rules are divided into three levels:the fully optimizable ones,the partially optimizable ones,and the non-optimizable ones.Meanwhile,the number of parameters to be optimized in the rules is reduced.Experimental results show that compared with GAO-BRB,PSO-BRB and other prediction methods,the proposed method can effectively avoid overfitting,and improve the prediction accuracy of network security situation.

关 键 词：网络安全态势预测 置信规则库 分级优化 作用域 临界值 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]