【摘要】：隨著經(jīng)濟和互聯(lián)網(wǎng)技術(shù)的快發(fā)發(fā)展,電子政務(wù)在政府信息化管理改革中應(yīng)運而生,伴隨而來的是電子政務(wù)網(wǎng)的安全性保障。網(wǎng)絡(luò)安全評估技術(shù)針對網(wǎng)絡(luò)系統(tǒng)的漏洞檢測,網(wǎng)絡(luò)態(tài)勢感知,攻擊入侵檢測等方面具有優(yōu)勢,現(xiàn)有的網(wǎng)絡(luò)安全評估技術(shù)在處理確定性數(shù)據(jù)時有較好的評估效果,針對不確定性信息態(tài)勢評估則不盡人意。信息網(wǎng)絡(luò)系統(tǒng)由于其結(jié)構(gòu)的復(fù)雜性,物理設(shè)備多樣性產(chǎn)生的數(shù)據(jù)量大,數(shù)據(jù)信息密度低,給安全評估帶來了困難,一方面安全評估需要保證準(zhǔn)確性,另一方面安全評估要有實時性,然而,現(xiàn)有的安全評估方法要么通過犧牲準(zhǔn)確性達到高效性的目的,要么降低效率獲得高準(zhǔn)確性。因此,網(wǎng)絡(luò)安全評估方法中滿足評估結(jié)果準(zhǔn)確性和實時性成為一種挑戰(zhàn)。針對上述挑戰(zhàn),本文提出了一種基于灰色關(guān)聯(lián)分析與D-S證據(jù)理論的網(wǎng)絡(luò)安全評方法。首先,由于不同評估指標(biāo)對于網(wǎng)絡(luò)態(tài)勢的影響并不相同,利用層次法來確定不同評估指標(biāo)的權(quán)重。其次,考慮到不同指標(biāo)對不同等級的隸屬度差別,確定了各評估指標(biāo)對評估等級的隸屬度函數(shù),定義了放大加權(quán)隸屬度函數(shù)來降低整體不確定性。再者,D-S證據(jù)理論中基本概率分配是一個難以確定的問題,為了減少人為主觀因素對基本概率分配的差異性影響,提出利用灰色關(guān)聯(lián)分析法來解決基本概率分配問題,然后通過D-S證據(jù)理論合成規(guī)則對各Mass函數(shù)進行合成,逐步降低不確定性,評估結(jié)果根據(jù)置信函數(shù)大小確定。通過實驗表明,該方法降低了評估結(jié)果的不確定性,提高了準(zhǔn)確性和效率。網(wǎng)絡(luò)安全態(tài)勢預(yù)測是在網(wǎng)絡(luò)安全評估的基礎(chǔ)上對未來網(wǎng)絡(luò)安全態(tài)勢的估計,對于網(wǎng)絡(luò)安全態(tài)勢的把握有指導(dǎo)性作用。網(wǎng)絡(luò)安全態(tài)勢具有突發(fā)性、波動性,因此網(wǎng)絡(luò)安全態(tài)勢勢預(yù)測方法要有良好的處理非線性問題的能力,對此,提出了基于GM(1,1)冪模型的網(wǎng)絡(luò)安全態(tài)勢預(yù)測方法,GM(1,1)冪模型具有優(yōu)秀的處理非線性問題的能力,對于樣本數(shù)量要求不高,實用性較好,最后通過實驗對比,本文所用的網(wǎng)絡(luò)安全態(tài)勢預(yù)測方法較具有較好的預(yù)測精度和較低的誤差率。
[Abstract]:With the rapid development of economy and Internet technology, e-government emerged as the times require in the government information management reform, accompanied by the security of e-government network. The network security assessment technology has advantages in the aspects of vulnerability detection, network situation awareness, attack intrusion detection and so on. The existing network security assessment technology has a good evaluation effect when dealing with deterministic data. The situation assessment of uncertain information is unsatisfactory. Because of the complexity of its structure, the large amount of data produced by the diversity of physical equipment and the low density of data information, the information network system brings difficulties to the security assessment. On the one hand, the security assessment needs to ensure the accuracy. On the other hand, security assessment should be real-time. However, the existing security assessment methods can achieve high efficiency at the expense of accuracy, or reduce efficiency to achieve high accuracy. Therefore, it is a challenge to satisfy the accuracy and real-time of network security evaluation. In view of the above challenges, this paper presents a network security evaluation method based on grey correlation analysis and D-S evidence theory. Firstly, because the influence of different evaluation indexes on network situation is different, the hierarchical method is used to determine the weight of different evaluation indicators. Secondly, considering the difference of membership degree of different indexes to different grades, the membership function of each evaluation index to evaluation grade is determined, and the enlarged weighted membership function is defined to reduce the overall uncertainty. Furthermore, in D-S evidence theory, the basic probability distribution is a difficult problem. In order to reduce the difference of artificial subjective factors on the basic probability distribution, the grey correlation analysis method is proposed to solve the basic probability distribution problem. Then each Mass function is synthesized by D-S evidence theory synthesis rule, and the uncertainty is reduced step by step. The evaluation results are determined according to the size of the confidence function. Experiments show that this method reduces the uncertainty of the evaluation results and improves the accuracy and efficiency. The prediction of network security situation is based on the evaluation of network security, and it can guide the grasp of network security situation. The network security situation is sudden and fluctuating, so the network security situation forecasting method should have a good ability to deal with nonlinear problems. In this paper, a method of network security situation prediction based on GM (1K1) power model is presented. The power model has excellent ability to deal with nonlinear problems, and it has low requirement for sample size and good practicability. Finally, it is compared by experiments. The network security situation prediction method used in this paper has better prediction accuracy and lower error rate.
【學(xué)位授予單位】：河南工業(yè)大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2017
【分類號】：TP393.08

【參考文獻】

相關(guān)期刊論文 前10條

1 湯永利;李偉杰;于金霞;閆璽璽;;基于改進D-S證據(jù)理論的網(wǎng)絡(luò)安全態(tài)勢評估方法[J];南京理工大學(xué)學(xué)報;2015年04期

2 李紀(jì)真;孟相如;溫祥西;康巧燕;;螢火蟲群算法優(yōu)化高斯過程的網(wǎng)絡(luò)安全態(tài)勢預(yù)測[J];系統(tǒng)工程與電子技術(shù);2015年08期

3 謝麗霞;王亞超;;網(wǎng)絡(luò)安全態(tài)勢感知新方法[J];北京郵電大學(xué)學(xué)報;2014年05期

4 劉玉嶺;馮登國;連一峰;陳愷;吳迪;;基于時空維度分析的網(wǎng)絡(luò)安全態(tài)勢預(yù)測方法[J];計算機研究與發(fā)展;2014年08期

5 唐成華;湯申生;強保華;;DS融合知識的網(wǎng)絡(luò)安全態(tài)勢評估及驗證[J];計算機科學(xué);2014年04期

6 孟洛明;朱杰輝;楊楊;孟玲莉;張平平;高志鵬;;支持向量機回歸預(yù)測在網(wǎng)絡(luò)故障檢測中的應(yīng)用[J];北京郵電大學(xué)學(xué)報;2014年S1期

7 石欣;張濤;雷璐寧;;基于集對分析與馬爾可夫鏈的生態(tài)安全動態(tài)評估[J];計算機應(yīng)用;2014年02期

8 高琳;楊建業(yè);覃桂敏;;動態(tài)網(wǎng)絡(luò)模式挖掘方法及其應(yīng)用[J];軟件學(xué)報;2013年09期

9 李特;馮琦;張X;;基于熵權(quán)灰色關(guān)聯(lián)和D-S證據(jù)理論的威脅評估[J];計算機應(yīng)用研究;2013年02期

10 吳琨;白中英;;集對分析的可信網(wǎng)絡(luò)安全態(tài)勢評估與預(yù)測[J];哈爾濱工業(yè)大學(xué)學(xué)報;2012年03期

相關(guān)博士學(xué)位論文 前2條

1 吳金宇;網(wǎng)絡(luò)安全風(fēng)險評估關(guān)鍵技術(shù)研究[D];北京郵電大學(xué);2013年

2 張建鋒;網(wǎng)絡(luò)安全態(tài)勢評估若干關(guān)鍵技術(shù)研究[D];國防科學(xué)技術(shù)大學(xué);2013年

相關(guān)碩士學(xué)位論文 前2條

1 陳燕;計算機網(wǎng)絡(luò)信息安全風(fēng)險評估標(biāo)準(zhǔn)與方法研究[D];中國海洋大學(xué);2015年

2 劉霄云;我國電子政務(wù)信息安全管理研究[D];大連海事大學(xué);2015年

，

本文編號：2143566