Journal of Shanghai Jiao Tong University (Natural Science Edition) ›› 2015, Vol. 49 ›› Issue (08): 1144-1152.

• Automation Technology, Computer Technology •

Network Security Situation Awareness Method Based on Multi-Source and Multi-Level Information Fusion

WEN Zhicheng1,2, CHEN Zhigang1, DENG Xiaoheng1, LIU Anfeng1

  1. School of Information Science and Engineering, Central South University, Changsha 410083, China; 2. College of Computer and Communication, Hunan University of Technology, Zhuzhou 412007, China
  • Received: 2014-09-15 Online: 2015-08-31 Published: 2015-08-31
  • Funding: Supported by the National Natural Science Foundation of China (61073186, 61073104, 60903058)

Abstract: To address the limited scope, single information source, and large accuracy deviation of network security situation awareness, a comprehensive, holistic framework for perceiving the network security situation is proposed. The framework fully considers multiple information sources and multi-level information fusion, dynamically generates the current network security status along three dimensions, accurately reflects the current network security situation, and makes it easy to trace back to abnormal components. In addition, a "3σ rule" method for discretizing continuous random variables is proposed, which provides important theoretical and practical guidance for building Bayesian network models suited to fusing uncertain information. Finally, the model and algorithm are verified using data from a network instance, and the results show that the method is correct.

Key words: information fusion, Bayesian network, security situation awareness, multi-information sources

CLC number: