摘要
针对现阶段网络通信不同路径威胁识别概率低、均方根误差大等问题,提出基于多信息融合的网络通信威胁智能识别方法。通过分析攻击图中所描述的网络攻击占据网络资源过程获取攻击路径;分析攻击者发出的攻击行为,将产生的网络通信威胁作为攻击行为的证据,采用D-S证据理论,将多条威胁汇集为攻击行为信息分析攻击者能力,通过判断攻击者达成攻击想法的概率,获取攻击者的攻击意图,以此为基础,通过威胁量化算法,获取网络通信威胁程度,实现网络通信威胁智能识别。经实验验证,该方法在网络通信威胁识别过程中具有较低的识别均方根误差,且不同路径下的网络通信威胁识别概率较高。
Aiming at the problems of low threat recognition probability and large root mean square error of different paths of network communication at this stage,an intelligent recognition method of network communication threats based on multi-information fusion is proposed.The attack path is obtained by analyzing the process of network attack occupying network resources described in the attack diagram;analyzing the attack behavior issued by the attacker,using the generated network communication threat as the evidence of the attack behavior,adopting the DS evidence theory to aggregate multiple threats into an attack Behavioral information analyzes the attacker’s ability,and obtains the attacker’s attack intention by judging the probability of the attacker reaching the attack idea.Based on this,the threat quantification algorithm is used to obtain the degree of network communication threat and realize intelligent identification of network communication threats.Experiments have verified that this method has a lower recognition root mean square error in the process of network communication threat recognition,and the recognition probability of network communication threats under different paths is higher.
作者
刘祥
杨永强
LIU Xiang;YANG Yongqiang(Henan Branch of China Telecom Co.,Ltd.,Zhengzhou 450016,China;College of Computer and Information,Henan University of Economics and Law,Zhengzhoo,450002,China)
出处
《自动化与仪器仪表》
2021年第9期75-78,共4页
Automation & Instrumentation
基金
国家自然科学基金项目(No.61202285)。
关键词
多信息融合
网络通信威胁
智能识别
攻击行为
Multi-information fusion
Network communication threat
Intelligent identification
Aggressive behavior
