摘要
网络安全态势评估是当前网络安全领域的研究热点之一。本文对国内外已有的安全态势评估方法进行分析和比较,从主机节点和链路方面对网络安全态势进行评估,提出了一种基于多源知识融合的网络安全态势评估模型。通过将多数据源信息融合获得节点安全态势,利用网络时效熵得到链路安全态势,最后将两者融合计算实现网络安全态势定量评估。通过网络仿真软件进行仿真实验,对所提出的的网络安全态势评估模型进行了验证,实验结果能够客观反映网络安全态势的变化,准确的对网络安全态势进行评估。
Network security situation assessment is one of the hottest topics in the field of network security.After analyzing and comparing the existing network security situation assessment methods at home and abroad,it evaluated the network security situation from the host node and link,and proposed a network security situation assessment model based on knowledge fusion.By integrating multiple data source information to compute the node security situation,and the current method used the network entropy to obtain the link security situation.Finally,both were combined to calculate the network security situation evaluation.The network simulation experiments through software verified the proposed network security situation assessment model,which demonstrates that the experimental results can objectively reflect the trend of the network security situation,and can accurately achieve the network security situation evaluation.
作者
赵亮
陶业荣
王晨旭
秦涛
李卫
ZHAO Liang;TAO Yerong;WANG Chenxu;QIN Tao;LI Wei(Ministry of Education Key Lab For Inelligent Networks and Network Security,Xian JiaoTong University,Xian 710049,China;Electronic Equipment Testing Center,Luoyang 471003,China)
关键词
网络安全态势
主机安全态势
链路安全态势
网络时效熵
network security situation evaluation
host security situation
link security situation
network entropy
作者简介
赵亮(1994-),男,河南周口人,西安交通大学硕士研究生,主要研究方向为网络安全。E-mail:liang2123517@163.com;李卫(1967-),男,陕西榆林人,博士,西安交通大学副教授,主要研究方向为计算机网络安全与管理。E-mail:liang2123517@163.com
