摘要
网络安全态势感知是提高安全管理员对网络整体安全状况掌控能力的重要技术手段。针对现有网络安全态势感知方法评估要素不够全面的问题,从攻击方、防护方、网络环境三方面出发构建了网络安全态势感知的能力机会意图模型,引入不确定推理模型解决了安全态势要素间的不确定影响关系,给出了能力指数、机会指数和意图指数的计算方法,并介绍了详细的网络安全态势感知方法。使用林肯实验室的公开数据集进行了实验,结果表明该方法评估要素更为全面,评估结果符合实际情况。
Network security awareness is an important technical mean to improve the network security control ability of network security administrators. In view of the problem that the assessment elements of current methods are not complete,this paper built a network situational awareness model which used the situation elements from attacker,defender and network environment. Then it introduced the uncertainty reasoning model to solve the uncertain impact between the security situation elements and presented the detailed computing methods of capability index,opportunity index and intent index. After that it introduced a network security situational awareness method. Finally,it used the public datasets of Lincoln laboratory to conduct experiments,the experiment results show that this method uses more comprehensive evaluation elements,and evaluate results are much more realistic to the actual situations.
出处
《计算机应用研究》
CSCD
北大核心
2016年第6期1775-1779,共5页
Application Research of Computers
基金
国家自然科学基金资助项目(61100226
61303248)
北京市自然科学基金资助项目(4122085)
关键词
网络安全
安全态势感知
能力—机会—意图模型
network security
security situational awareness
capability-opportunity-intent model
