共查询到18条相似文献,搜索用时 140 毫秒
1.
为解决网络攻击行为趋向分布化、规模化、复杂化、复杂化的问题,转传统被动防御为主动感知预测,实时掌握网络安全状况,及时发现甚至提前预测网络中的攻击行为,降低网络安全风险,本文提出一种基于基于马尔可夫链的网络安全威胁评估方法。试验结果表明,本文提出的模型方法与其他方法相比,表明基于马尔可夫链改进的网络安全态势感知方法的可行性和有效性。 相似文献
2.
针对网络攻击场景下一段时间内信息系统面临的安全风险,文中提出一种基于隐马尔可夫模型的风险评估方法,将网络主机的漏洞建模为隐马尔可夫模型中的状态,将可能受到的攻击建模为隐马尔可夫模型中的观察值,求解一段时间内的成功攻击概率;根据攻击成功后产生的代价和成功攻击的概率,得到时间段内总风险度量值。该方法可从整体角度对网络攻击场景下一段时间内的信息安全风险进行量化评估。 相似文献
3.
为反映恶意程序传播环境下物联网可用的状态,基于扩展的SEIRD传染病模型和马尔可夫链提出一种物联网可用度评估方法。根据物联网节点的实际状态,扩展经典传染病模型SIR建立SEIRD物联网节点状态转换模型。由物联网节点各个状态之间的动态变化过程,构建物联网节点处于5种状态的概率动力学方程,得到反映各状态转换的马尔可夫矩阵,进一步得到物联网节点的可用度计算方法。以典型的星形和簇形物联网拓扑结构为例,给出整个物联网可用度的评估方法。通过实验,为管理员如何合理部署正常工作节点数、路由数提供建议。研究成果对提高物联网可用度、促进物联网成功应用具有理论指导意义。 相似文献
4.
5.
现有基于攻击图的入侵路径研究在计算状态转移概率时,缺乏对除基本网络环境信息以外因素的考虑,为了全面且合理地分析目标网络的安全性,提出了一种基于吸收马尔可夫链攻击图的网络攻击分析方法。首先,在攻击图的基础上,提出了一种基于漏洞生命周期的状态转移概率归一化算法;其次,使用该算法将攻击图映射为吸收马尔可夫链,并给出其状态转移概率矩阵;最后,对状态转移概率矩阵进行计算,全面分析目标网络的节点威胁程度、攻击路径长度、预期影响。在实验网络环境中应用所提方法,结果表明,所提方法能够有效分析目标网络中的节点威胁程度、攻击路径长度以及漏洞生命周期对网络整体的预期影响,有助于安全研究人员更好地了解网络的安全状态。 相似文献
6.
7.
研究P2P网络中良性蠕虫和恶意蠕虫在对抗传播过程中的特性,可为制定合理的蠕虫对抗策略提供科学依据.提出一种基于随机进程代数的P2P网络蠕虫对抗传播的建模与分析方法.首先,分析了传播过程中蠕虫之间的对抗交互行为以及网络节点的状态转换过程;然后,利用PEPA语法建立了恶意蠕虫初始传播阶段与蠕虫对抗阶段的随机进程代数模型;最后,采用随机进程代数的流近似方法,推导得到能够描述蠕虫传播特性的微分方程组,通过求解该方程组,分析得到P2P蠕虫的对抗传播特性.试验结果表明,良性蠕虫可以有效遏制P2P网络中的恶意蠕虫传播,但需要根据当前的网络条件制定科学的传播策略,以减少良性蠕虫自身的传播对网络性能的影响. 相似文献
8.
9.
中国是世界上在建核电机组数量最多的国家,未来中国的核电发电量将会逐渐占据更高的发电比例,随着犯罪人员技术手段的升级,提升实物保护PPS(Physical Protection Systems)的防护效能、保障核设施安全运转至关重要.本文从分析防护系统关键节点入手,提出一种基于马尔可夫链与敌手入侵中断评估EASI(Est... 相似文献
10.
大数据时代的到来,数据挖掘与分析已经变得越来越重要.如何高效准确的分析和利用电信业务量中的各种参数,通过数据的准确分析与预测调整公司战略目标与指导生产,已经成为每一位通信人迫切需要解决的问题.本文通过对灰色-马尔可夫链模型的分析,提出了在电信业务数据分析预测中使用灰色-马尔可夫链模型对数据进行建模处理的方法. 相似文献
11.
12.
Although the frequency of Intemet worm's outbreak is decreased during the past ten years,the impact of worm on people's privacy security and enterprise's efficiency is still a severe problem,especially the emergence of botnet.It is urgent to do more research about worm's propagation model and security defense.The well-known worm models,such as simple epidemic model (SEM) and two-factor model (TFM),take all the computers on the internet as the same,which is not accurate because of the existence of network address translation (NAT).In this paper,we first analyze the worm's functional structure,and then we propose a three layer worm model named three layres worm model (TLWM),which is an extension of SEM and TFM under NAT environment.We model the TLWM by using deterministic method as it is used in the TFM.The simulation results show that the number of NAT used on the Intemet has effects on worm propagation,and the more the NAT used,the slower the worm spreads.So,the extensive use of NAT on the Internet can restrain the worm spread to some extent. 相似文献
13.
合理地建立蠕虫传播模型将有助于更准确地分析蠕虫在网络中的传播过程。首先通过对分层的异构网络环境进行抽象,在感染时间将影响到蠕虫传播速度的前提下使用时间离散的确定性建模分析方法,推导出面向异构网络环境的蠕虫传播模型Enhanced-AAWP。进而基于Enhanced-AAWP模型分别对本地优先扫描蠕虫和随机扫描蠕虫进行深入分析。模拟结果表明,NAT子网的数量、脆弱性主机在NAT子网内的密度以及本地优先扫描概率等因素都将对蠕虫在异构网络环境中的传播过程产生重要的影响。 相似文献
14.
提出一种新的基于shell命令的用户伪装攻击检测方法。该方法在训练阶段充分考虑了用户行为的多变性和伪装攻击的特点,采用平稳的齐次Markov链对合法用户的正常行为进行建模,根据shell命令的出现频率进行阶梯式数据归并来划分状态,同现有的Markov链方法相比大幅度减少了状态个数和转移概率矩阵的存储量,提高了泛化能力。针对检测实时性需求和shell命令操作的短时相关性,采用了基于频率优先的状态匹配方法,并通过对状态短序列的出现概率进行加窗平滑滤噪处理来计算判决值,能够有效减少系统计算开销,降低误报率。实验表明,该方法具有很高的检测准确率和较强的可操作性,特别适用于在线检测。 相似文献
15.
Tian-Yun Huang 《中国电子科技》2008,6(1):32-38
Internet worm is harmful to network security,and it has become a research hotspot in recent years.A thorough survey on the propagation models and defense techniques of Internet worm is made in this paper.We first give its strict definition and discuss the working mechanism.We then analyze and compare some repre-sentative worm propagation models proposed in recent years,such as K-M model,two-factor model,worm-anti-worm model(WAW),firewall-based model,quarantine-based model and hybrid benign worm-based model,etc.Some typical defense techniques such as virtual honeypot,active worm prevention and agent-oriented worm defense,etc.,are also discussed.The future direction of the worm defense system is pointed out. 相似文献
16.
17.
A lightweight opportunistic routing forwarding strategy (MOR) was proposed based on Markov chain.In the scheme,the execute process of network was divided into a plurality of equal time period,and the random encounter state of node in each time period was represented by activity degree.The state sequence of a plurality of continuous time period constitutes a discrete Markov chain.The activity degree of encounter node was estimated by Markov model to predict its state of future time period,which can enhance the accuracy of activity degree estimation.Then,the method of comprehensive evaluating forwarding utility was designed based on the activity degree of node and the average encounter interval.MOR used the utility of node for making a routing forwarding decision.Each node only maintained a state of last time period and a state transition probability matrix,and a vector recording the average encounter interval of nodes.So,the routing forwarding decision algorithm was simple and efficient,low time and space complexity.Furthermore,the method was proposed to set optimal number of the message copy based on multiple factors,which can effectively balance the utilization of network resources.Results show that compared with existing algorithms,MOR algorithm can effectively increase the delivery ratio and reduce the delivery delay,and lower routing overhead ratio. 相似文献
18.
Qingchen Zhang Zhikui Chen Laurence T. Yang 《International Journal of Communication Systems》2015,28(9):1610-1619
Streaming data analysis is an important part of big data processing. However, streaming data is difficult to be analyzed and processed in real time because of the rapid data arriving speed and huge size of data set in stream model. The paper proposes a nodes scheduling model based on Markov chain prediction for analyzing big streaming data in real time by following three steps: (i) construct data state transition graph using Markov chain to predict the varying trend of big streaming data; (ii) choose appropriate cloud computing nodes to process big streaming data depending on the predicted result of the data state transition graph; and (iii) assign big streaming data to these computing nodes using the load balancing theory, which ensures that all subtasks are accomplished synchronously. Experiments demonstrate that the proposed scheduling algorithm can fast process big streaming data effectively. Copyright © 2014 John Wiley & Sons, Ltd. 相似文献