西安电子科技大学学报 ›› 2021, Vol. 48 ›› Issue (1): 183-190.doi: 10.19665/j.issn1001-2400.2021.01.021

• • 上一篇    

一种深度学习的网络安全态势评估方法

杨宏宇(),曾仁韵()   

  1. 中国民航大学 计算机科学与技术学院,天津 300300
  • 收稿日期:2020-08-16 出版日期:2021-02-20 发布日期:2021-02-03
  • 作者简介:杨宏宇(1969—),男,教授,博士,E-mail: yhyxlx@hotmail.com|曾仁韵(1994—),女,硕士,E-mail: zenrenyun@163.com
  • 基金资助:
    国家自然科学基金民航联合研究项目(U1833107)

Method for assessment of network security situation with deep learning

YANG Hongyu(),ZENG Renyun()   

  1. School of Computer Science and Technology,Civil Aviation University of China,Tianjin 300300,China
  • Received:2020-08-16 Online:2021-02-20 Published:2021-02-03

摘要:

由于传统的网络安全态势评估方法依赖于人工的标注和评估,在面对大量数据时,存在效率低、灵活性差等问题。针对这些问题,提出一种深度学习的网络安全态势评估方法。首先,建立深度自编码模型,对网络中受到的各种攻击进行识别;然后,为了提高模型对拥有少量训练样本的类型的检测率,设计了欠过采样加权算法;最后进行模型测试并计算攻击概率,确定每种攻击的影响得分并计算网络安全态势值。实验结果表明,提出的深度自编码模型的准确率和召回率都优于对比的模型,这使得评估结果更加准确有效。

关键词: 网络安全态势评估, 网络攻击, 深度学习, 深度自编码器, 数据重采样

Abstract:

The traditional methods for assessment of network security situation rely on manual label and evaluation.When faced with a large amount of data,there appearsome problems such as low efficiency and poor flexibility.First,we propose a Deep Autoencoder-Deep Neural Network (DAEDNN) model to identify all kinds of attacks on the network.Then,the Under-Over Sampling Weighted (UOSW) algorithm is designed to improve the detection rate of the model on categories with a few training samples.Finally,we conduct model testing and calculate the attack probability.Besides,we determine the impact score of each type of attack and calculate the network security situation value.Experimental results show that the precision and recall of the proposed model are better than those of the compared models,and that the proposed model has a better performance in accuracy and efficiency.

Key words: network security situation assessment, network attacks, deep learning, deep autoencoder, data resampling

中图分类号: 

  • TP309