摘要
为了确保集成化网络存储的信息安全,需要实时进行节点安全脆弱性评估,检测安全脆弱性区域,以便及时修复。针对当前网络存储安全脆弱性区域检测方法存在的检测结果反馈延时较长,误检率较高,查全率较低等问题,提出基于神经网络的集成化网络存储安全脆弱性区域检测方法。根据贝叶斯攻击图分析集成化网络存储节点间的可达关系,结合证据理论与后验概率理论,综合计算原子攻击可达概率,据此评估对应区域的安全脆弱性;利用神经网络模型预估安全脆弱性区域检测器运行状态,并计算节点状态回执信息估计值,通过该估计值与安全脆弱性评估结果的比较,判定节点是否为安全脆弱性节点,检测出网络存储安全脆弱性区域。实验结果表明,所提方法的检测结果反馈延时短于实验对比方法,误检率低于实验对比方法,且查全率更高,具备较好的可操作性与扩充能力。
Real-time evaluation for node safety vulnerability can ensure information safety of integration network storage.Safety vulnerability area is detected so that it can be repaired timely.Current detection method has many disadvantages,such as long feedback delay of detection result,high false detection rate,and low recall ratio.Therefore,based on neural network,a new detection method for safety vulnerability area is proposed in this research.According to the Bayes attack graph,accessibility relation between storage nodes of the integration network was analyzed.Integrated with evidence theory and posterior probability theory,accessibility probability of atomic attack was calculated comprehensively.Hereby,safety vulnerability of the corresponding area was evaluated.The neural network model was used to estimate operation state of detector of the safety vulnerability area and estimation value of receipt information of node state was calculated.The estimation value was compared with the estimation result of the safety vulnerability to judge whether the node was the safety vulnerability node.Thus,the safety vulnerability area of network storage was detected.Simulation results show that the feedback delay of detection result of the method is shorter.The false detection rate is low and the recall ratio is high.The method has better operability and expansion capacity.
作者
鲍海燕
BAO Hai-yan(School of Information Technology and Engineering,Jinzhong University,Shanxi Jinzhong 030619,China)
出处
《计算机仿真》
北大核心
2019年第9期376-379,共4页
Computer Simulation
基金
山西省高校教学改革创新项目(J2018178)
关键词
集成化
网络存储
安全
脆弱性
检测
Integration
Network storage
Safety
Vulnerability
Detection
作者简介
鲍海燕(1982-),女(汉族),山西应县人,硕士研究生,讲师,主要研究领域:网络安全。
