西安电子科技大学学报 ›› 2020, Vol. 47 ›› Issue (3): 14-22.doi: 10.19665/j.issn1001-2400.2020.03.003

• • 上一篇    下一篇

一种网络安全态势自适应预测模型

杨宏宇,张旭高   

  1. 中国民航大学 计算机科学与技术学院,天津 300300
  • 收稿日期:2019-11-14 出版日期:2020-06-20 发布日期:2020-06-19
  • 作者简介:杨宏宇(1969—),男,教授,博士,E-mail: yhyxlx@hotmail.com
  • 基金资助:
    国家自然科学基金民航联合研究项目(U1833107)

Network security situation adaptive prediction model

YANG Hongyu,ZHANG Xugao   

  1. School of Computer Science and Technology, Civil Aviation Universtiy of China, Tianjin 300300, China
  • Received:2019-11-14 Online:2020-06-20 Published:2020-06-19

摘要:

针对传统网络安全态势预测模型预测精度较低的不足,提出一种网络安全态势自适应预测模型。首先,提取警报要素并利用熵关联法计算得到网络安全态势的时间序列;然后,将该序列作为滑动自适应三次指数平滑法的输入,并生成安全态势初始预测值序列;最后,基于误差状态通过时变加权马尔科夫链预测误差,并修正初始预测值。实验结果表明, 自适应预测模型相比其他模型具有较好的预测精度。

关键词: 网络安全态势, 熵关联法, 预测值, 三次指数平滑法, 时变加权马尔科夫链

Abstract:

Aiming at the low prediction accuracy of traditional network security situation prediction technology, a network security situation adaptive prediction model (NAP) is proposed. First, it extracts alarm elements and calculate network security situation time sequences based on the entropy correlation method. Then, the sequences are taken as the input of the sliding adaptive cubic exponential smoothing method with initial security situation predicted value sequences generated. Finally, the time-varying weighted Markov chain is used to predict the error value based on the error state and the initial predicted values are modified. Experimental results show that the NAP has a better prediction accuracy than other existing models.

Key words: network security situation, entropy correlation method, predicted value, cubic exponential smoothing method, time-varying weighted Markov chain

中图分类号: 

  • TP309