期刊文献+

基于模糊—隐马尔可夫模型的复合式攻击预测方法 被引量:2

Approach to Forecasting Multi- Stage Attack Based on Fuzzy Hidden Markov Model
下载PDF
导出
摘要 通过对复合式攻击预测方法的研究,将关联规则、模糊评价法和隐马尔可夫模型相结合,提出了基于模糊—隐马尔可夫模型的复合式攻击预测方法。该方法首先将原始报警信息融合为超级报警信息,进而基于攻击行为的初始概率分布确定初始状态矩阵,根据关联规则确定状态转移矩阵,应用模糊判别法确定观察矩阵,最后应用隐马尔可夫模型中的Forward算法对报警信息隶属的攻击场景进行了识别,Viterbi算法对攻击意图序列进行了预测。仿真实验验证了该方法的有效性。 Through study on methods for forecasting multi-stage attack,we proposed a forecasting approach based on fuzzy,Hidden Markov Model( HMM) by integrating the association rule,fuzzy evaluation method and hidden Markov model together. Firstly,the original alarm information was fused into hyper alarm information. Secondly,the initial state matrix was obtained by the initial probability of the attack behaviorsthe state transition matrix was determined according to the association rule,and the observation matrix was obtained by fuzzy evaluation. Finally,the attack scenarios leading to the alarm information were recognized by the Forward algorithm of HMM,and the next possible attack sequence was forecasted by the Viterbi algorithm of HMM. The results of simulation experiments verify the validity of this approach.
出处 《电光与控制》 北大核心 2015年第1期39-44,共6页 Electronics Optics & Control
基金 国家自然科学基金(60573036) 河北省自然科学基金(F2013205193) 河北省科技支撑计划(12213514D) 河北师范大学研究生科研基金(201305)
关键词 网络安全 模糊评价 隐马尔可夫模型 复合攻击 报警信息 network security fuzzy evaluation hidden Markov model multi-stage attack alarm information
  • 相关文献

参考文献11

二级参考文献47

共引文献54

同被引文献21

引证文献2

二级引证文献7

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部