摘要
马尔可夫攻防模型能够生成观测序列,通过对此序列的识别与预测,达到监控目的。由于网络的数据量大,各种攻击手段都对网络安全造成严重威胁。为了提高监控效果,提出一种基于马尔可夫攻防模型的网络边缘态势监控。通过设置采集平台,将马尔科夫攻防过程看作用户与攻击者的博弈过程,利用状态空间、状态概率分布、风险指数等七元组建立马尔可夫攻防模型;确定模型参数,采用模糊层次算法选取监控指标,设计模糊矩阵,获取指标权重,计算风险指数;确立监控平台整体架构,通过上述平台呈现风险指数,实现网络边缘态势监控。实验结果表明,所提方法的监控效果好,监控的平均绝对误差小,始终低于0.2,且对所有攻击类型均适用。
The Markov attack defense model can generate observation sequences and achieve monitoring purposes by identifying and predicting these sequences.Due to the large amount of data in the network,various attack methods pose a serious threat to network security.In order to improve the monitoring effect,a monitoring method for network edge situation based on the Markov attack and defense model was put forward.Firstly,we regarded the process of Markov attack and defense as a game between users and attackers through constructing a collection platform.Then,we built a Markov attack and defense model by using the seven-tuple such as state space,state probability distribution,risk index,etc.After determining the model parameters,we used the fuzzy algorithm to select the monitoring indicators and designed a fuzzy matrix to obtain the indicator weights,thus calculating the risk index.Finally,we established the overall architecture of the monitoring platform,and used the platform to present the risk index.Thus,we achieved the network edge situation monitoring.The experimental results show that the monitoring effect of the proposed method is good,and the mean absolute error is always less than 0.2,so the method is suitable for all attack types.
作者
周文粲
徐顺航
刘丽红
ZHOU Wen-can;XU Shun-hang;LIU Li-hong(People's Holspital,Peking Univeersity,Beijing 100044,China)
出处
《计算机仿真》
2024年第10期409-413,共5页
Computer Simulation
关键词
马尔可夫攻防模型
网络边缘
态势监控
风险指数
模糊层次算法
Markov attack and defense model
Network edge
Situation monitoring
Risk index
Fuzzy hierarchical algorithm
