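Research on an Autonomous Assessment Mechanism for Network Security
Published: 2018-04-07 00:09
Topic: autonomic computing. Entry point: event awareness. Source: Henan University of Science and Technology, master's thesis, 2014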
[Abstract]: As computer systems keep growing in scale and complexity, network security has become an increasing focus of the computing field. Computer networks have moved from an initial emphasis on the confidentiality of information to today's concern with the integrity, availability, controllability and non-repudiation of network security information. The main technologies and theory cover six areas: attack, prevention, detection, control, management and assessment. Of these, network event detection and security risk assessment are the foundation and the means of safeguarding network information security and normal operation. Traditional network defence can analyse and handle the network's operating condition only after attacks and threats have appeared, which makes it hard for network administrators to truly grasp the security state of the system. To grasp the overall security state of the network and keep the network system running securely and effectively, research on detecting network security events and assessing the network security state is therefore necessary. Autonomic computing can overcome the heterogeneity and complexity of computing systems and is regarded as a new and effective route to system self-awareness and self-assessment.

Based on an analysis of existing network security event awareness and network security assessment techniques, and in view of the shortcomings of network security event awareness systems, such as the complexity of security management and the lack of adaptivity, this thesis introduces the idea of autonomic computing into network event awareness and network security assessment. Building on event awareness, it introduces the cloud model into network security risk assessment. The research work mainly covers the following:

(1) The basic theory and related methods of network security event awareness and assessment are set out comprehensively and systematically, and the techniques and methods used in current system security assessment research are analysed and compared. Given that current assessment methods are complex to manage, costly to configure and need considerable human intervention, the necessity of establishing network security assessment with autonomous characteristics is introduced.

(2) To address the lack of autonomy in current network event awareness systems, and drawing on the idea of autonomic computing, a network security event awareness model based on autonomic computing is proposed. The model is centred on an autonomic manager. It manages the managed resources through awareness policies, self-learns attack behaviour through a fusion engine, perceives system security events, processes attack information autonomously and responds to attacks autonomously. During security event awareness, principal component analysis (PCA) is used to reduce the dimensionality of the security-element feature space, a machine-learning fusion engine classifies data that has intrinsic connections and determines which attack behaviour the data belongs to, and an autonomous response method based on danger theory responds to attacks autonomously, laying the foundation for comprehensive and rapid assessment of the network security state.

(3) Network system security events are both fuzzy and random, and the cloud model can effectively integrate fuzziness and randomness. To assess network security risk effectively, the cloud model is therefore introduced into the study of network security risk, using an assessment approach that combines qualitative and quantitative analysis. A network security risk assessment method based on the cloud model is proposed. The method takes network security elements as its basis and uses a one-dimensional cloud model to generalize the attributes of each individual security element, yielding a multi-dimensional attribute cloud. On this basis, a corresponding multi-dimensional evaluation cloud is built for each level of network security rating, and the network security state assessment result is obtained by setting evaluation rules and computing the similarity between the two kinds of cloud model.
[Degree-granting institution]: Henan University of Science and Technology
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08
Article ID: 1719513
Article link: http://sikaile.net/guanlilunwen/ydhl/1719513.html