| 基于贝叶斯网络的攻击事件智能发掘模型 |
| |
| 引用本文: | 李岳峰,刘丹.基于贝叶斯网络的攻击事件智能发掘模型[J].太赫兹科学与电子信息学报,2023,21(11):1370-1380. |
| |
| 作者姓名: | 李岳峰 刘丹 |
| |
| 作者单位: | 电子科技大学 电子科学技术研究院,四川 成都 611731 |
| |
| 摘 要: | 针对目前传统入侵检测系统难以得出网络攻击行为之间存在的关联关系问题,以攻击图表示模型为指引,提出一种基于贝叶斯网络的攻击事件智能发掘模型。本文以先验知识建立贝叶斯攻击行为关联图。基于属性相似度聚合网络攻击行为,针对网络攻击场景设计高效的Ex-Apriori算法发掘攻击行为间的关联规则,并建立攻击行为组集。利用贝叶斯攻击行为关联图的参数对攻击行为组集进行计算,实现对攻击事件的发掘。实验表明,本模型能有效提取网络攻击事件及发现攻击路径,为网络攻击事件的发现与应对措施提供理论支持和技术支撑。
|
| 关 键 词: | 网络攻击图 贝叶斯网络 关联分析 改进Apriori算法 |
| 收稿时间: | 2021/7/20 0:00:00 |
| 修稿时间: | 2021/9/2 0:00:00 |
Intelligent mining model of attack events based on Bayesian network |
| |
| LI Yuefeng,LIU Dan.Intelligent mining model of attack events based on Bayesian network[J].Journal of Terahertz Science and Electronic Information Technology,2023,21(11):1370-1380. |
| |
| Authors: | LI Yuefeng LIU Dan |
| |
| Abstract: | It is difficult for traditional intrusion detection systems to obtain the relationship among network attack behaviors. Taking an attack graph representation model as a guide, an intelligent mining model of attack events based on Bayesian network is proposed. A Bayesian attack association graph is established based on prior knowledge. The network attack behaviors are aggregated based on attribute similarity. An efficient Ex-Apriori algorithm is designed for network attack scenarios to discover the association rules among the attack behaviors, and the attack behavior group set is established. Finally, the attack behavior group set is calculated by using the parameters of the Bayesian attack association graph to realize the discovery of attack events. Experiments show that this model can effectively extract network attack events and discover attack paths, and provide theoretical and technical support for the discovery and countermeasures of network attack events. |
| |
| Keywords: | network attack graph Bayesian network association analysis improved Apriori algorithm |
|
| 点击此处可从《太赫兹科学与电子信息学报》浏览原始摘要信息 |
|
点击此处可从《太赫兹科学与电子信息学报》下载全文 |
