摘要
为了解决网络内部威胁的问题,分析了现有的基于模型、图形理论以及访问控制算法的解决方案,发现大部分方案都依赖传统的入侵检测手段,其虚警率高。为此,文章提出一种基于博弈论与信息融合的内部威胁者行为的预测算法,采用动态贝叶斯网络(DBN)结构及其精确推理算法,获取信息并融合不同的源信息用于行为分析,通过可数响应性均衡(QRE)计算预测内部威胁者的行为趋势。模拟仿真验证结果表明,该算法能预测内部威胁者的行为趋势,获得态势感知能力,能解决内部威胁问题,且算法具有良好的收敛性和精确度。
In order to solve the problem of internal network threats,the existing solutions were analyzed based on model,graph theory and access control algorithm.Most of them are depended upon traditional intrusion detection system which are impacted by false positive rate and not suitable for insider problem.In this paper,we proposed our algorithm for insider threat situation awareness,which is based on game theory and information fusion.We use DBN structure and exact inference to acquire and fuse different type of insider information for behavior analysis.As a result of simulation experiment,the algorithm can predict the behavior trend of the internal threat,obtain situation awareness,and solve the internal threat problem.The algorithm has good convergence performance and accuracy.
作者
邱东利
赵军
江东
王晓龙
QIU Dongli;ZHAO Jun;JIANG Dong;WANG Xiaolong(National Institute of Measurement and Testing Technology Test Technology,Chengdu 610021 China)
出处
《西华大学学报(自然科学版)》
CAS
2023年第4期32-42,共11页
Journal of Xihua University:Natural Science Edition
