位置:成果数据库 > 期刊 > 期刊详情页
集对分析的可信网络安全态势评估与预测
  • ISSN号:0367-6234
  • 期刊名称:《哈尔滨工业大学学报》
  • 时间:0
  • 分类:TP393.08[自动化与计算机技术—计算机应用技术;自动化与计算机技术—计算机科学与技术]
  • 作者机构:[1]北京邮电大学计算机学院,北京100876
  • 相关基金:国家高技术研究发展基金资助项目(2007CB310704); 国家自然科学基金资助项目(60821001)
作者: 吴琨[1], 白中英[1]
关键词: 可信网络连接, 安全态势评估, 集对分析, Box-Jenkin模型, trusted network connect, security situational awareness, set pair analysis, box-Jenkin model
中文摘要:

为了解决可信网络中网络管理和安全监控审计的问题,通过对可信网络连接框架(TNC)和网络态势感知体系(CSA)的研究,针对可信网络安全中多数据源确定性与不确定性的特点,提出了基于集对分析的网络安全态势评估与预测方法 SPSAF.SPSAF首先采用基于特征库的方法审计网络连接信息、系统管理信息、系统监控信息和应用服务信息,然后综合改进的熵权法和层次分析法提取安全态势指标权重,再利用集对分析方法对安全态势指标进行评估得到网络安全态势值,进而绘制网络安全态势图,最后采用Box-Jenkin模型基于安全态势值预测网络安全趋势.仿真实验结果表明SPSAF能够准确有效地反映当前及未来的网络安全态势,有助于管理员有效地制定网络安全策略,并能及时发现风险,迅速准确地调整策略和实施应对措施,提供更全面可靠的网络安全保障.

英文摘要:

To solve the problems of network management and security monitoring and auditing in trusted network,by researching the framework of trusted network connect(TNC) and the architecture of cyberspace situational awareness(CSA),in view of the certain and uncertain characteristics of multi-source information in trusted network security,a new security situational awareness and forecast based on set pair analysis(SPA) called SPSAF is proposed.SPSAF audited network connection information,system management information,system monitoring information and application service information by the method based on feature base.The security situational indexes were extracted by the method of improved entropy method(EM) and analytic hierarchy process(AHP).The SPA method was utilized to assess these indexes to get the value of network security situation,and the security-situation-graph of network was drawn.The time series of the assessment results was analyzed via the Box-Jenkin model to forecast the network security trend.The simulation experiment results show that SPSAF is accurate and effective to reflect the network security situation and its trend,which can help the administrator to make security policies efficiently,to discover risks timely,to adjust policies and take relevant protective or emergency measures quickly and accurately,and to ensure overall and reliable security.

同期刊论文项目
通信网的网络理论和技术
期刊论文 332 会议论文 183 获奖 32 著作 5
同项目期刊论文
基于密度趋近的无线传感器网络故障恢复方法
一种高效的基于身份的可验证加密签名方案
面向移动自组织网络的自主管理架构及应用
一个群组验证的多策略门限数字签名方案
一种改进的椭圆曲线安全代理签名方案
网络虚拟化环境中虚拟网资源分配机制
基于用户行为聚类的移动终端业务故障检测优化机制
Comment on “Secure multiparty computation with a dishonest majority via quantum means”
Remote Preparation of an Arbitrary Two-Qubit State with Three-Party
A Service Selection Approach Based on Availability-Aware in Mobile Ad Hoc Networks
Semi-supervised learning classifier system based on bayes
M+1-st Price Auction without Auctioneers Based on Threshold ElGamal Encryption
Threshold multiparty quantum-information splitting via quantum channel encryption
Economical multiparty simultaneous quantum identity authentication based on Greenberger-Horne-Zeilin
Fast fault localization for large-scale IP-based Communication Systems using Bayesian networks
Deterministic and exact entanglement teleportation via W state
An efficient protocol for the private comparison of equal information based on the triplet entangled
A two-step channel-encryting quantum key distribution protocol
Exponentially asymptotical synchronization in uncertain complex dynamical networks with time delay
Automatic Approach to Ontology Evolution Based on Change Impact Comparisons
A Method for Node fault Detection in Wireless Sensor Network
Dynamic Logic Architecture based on Piecewise-linear System
Deterministic remote preparation of an arbitrary W class state with multiparty
GPSA:A Greedy Pull-based Scheduling Approach for P2P Live Streaming under Heterogeneous Environments
Comment on “Two-way protocols for quantum cryptography with a nonmaximally entangled qubit pair”
Mechanism of User Profile Complete Deletion Concerning Temporary Scenario Oriented Application of Mo
Virtual Network Embedding Through Topology-Aware Node Ranking
Mult-Dimensional Aware Scheduling for Co-optimizing Utilization in Data Center
CADE自主网络管理方法及其应用框架
基于角色的IAM系统的研究与实现
支持多故障定位的探测站点部署方法
QoE/QoS Driven Simulated Annealing-based Generic Algorithm for Web Services Selection
基于回声隐藏的VDSC隐写分析算法
利用RSA密码体制解决安全多方多数据排序问题
保护私有信息的三角不等式判定协议及其应用
安全多方模糊综合评判模型及协议
一种新的P2P网络的信任管理模型
高速网络入侵检测系统体系结构的设计
基于随机哈希签名模式的可信捐赠监督方案
集体幅值阻尼信道上的量子安全直接通信
Quantum steganography with large payload based on entanglement swapping of χ-type entangled states
Sensor Placement Algorithms for Fusion-based Surveillance Networks
Comment on “Controlled DSQC using five-qubit entangled states and two-step security test”
IMS Security Analysis using Multi-attribute Model
Reduce Network Traffic Cost by Merging Maintenance Messages in Single-hop Routing Mechanisms
考虑节点自主特性的对等网络拓扑优化调整
IMS网络中的SIP洪泛攻击检测
Utilizing resource semantic to improve search efficiency in unstructured heterogeneous P2P system
群体Pareto最优的WEB服务组合决策方法
Certificateless multi-proxy sinature
New Constructions of Binary Sequences with Good Autocorrelation Based on Interleaving Technique
2-Adic Complexity of Self-shrinking Sequence
Entanglement distribution by three-mode separable state with imperfect equipments
Classical communication cost in quantum information
Image encryption algorithm based on the multi-order discrete fractional Mellin transform
Public Key Distribution Scheme for Delay Tolerant Networks Based on Two-Channel Cryptography
Modeling Dynamics of Disaster Spreading in Community Networks
Faithful Clone of An Unknown Two-Particle Entangled State With Assistance
Probabilistic quantum network coding of M-qudit states over the butterfly network
Secure network coding against wiretapping and Byzantine attacks
Optimal windows of rewiring period in randomly coupled chaotic maps
Dynamics of Chaotic Systems with Attractive and Repulsive Couplings
An Early Stage Detecting Method against SYN Flooding Attacks
Negotiation-based Stimulating Cooperation of Selfish nodes in the Ad hoc Networks
基于并发签名的公平交易协议的分析与改进
标准模型下基于身份的传递签名
匿名通信系统集中式资源分发模型及其分析
Cryptanalysisi and improvement of two GHZ-state-based QSDC protocols
一种预算限定条件下的服务组合方法
采用冒泡原理进行多轨迹识别的方法
New General Constructions of LCZ Sequences Sets Based on Interleaving Technique and Affine Transfor
ITU-T M.3102,Unified generic management information model for connection-oriented and connectionless
YD/T 1926.2-2009 IT运维服务管理技术要求 第2部分:管理服务定义
YD/T 2068.1-2010:2GHz TD-SCDMA 多媒体广播系统(TD-MBMS)网络管理技术要求 第1部分:配置网络资源模型
具有几乎最优自相关幅度二元序列的构造
基于网络编码的延迟容忍移动传感器网络低时延广播传输机制
企业IT网络异常流量综合检测模型
Robust Quantum Secure Direct Communication over Collective Rotating Channel
Scalable Arbitrated Quantum Signature of Classical Messages with Multi-Signers
Robust Multiparty Quantum Secret Sharing against Participant Forcible Manipulation
Quantum broadcast communication with authentication
Quantum Message Distribution
Scheme for cloing a three-particle GHZ class state with assistance
Controlled quantum teleportation with Bell states
5元1阶弹性函数的代数免疫阶
辫群上的共轭链接问题及基于辫群的数字签名方案的新设计
基于聚合签名的多方合同签署协议
基于全局QoS约束分解的Web服务动态选择
适用于移动商务环境的口令认证密钥交换协议
无线传感器网络中邻居数据分析的故障检测方法
基于JPEG净图定量描述的隐写分析方法
基于分域的IT配置管理数据库信息模型
基于模型的WebService性能测试方法
利用信任和社会网络的资源发现方法
安全两方圆计算协议
无条件安全的隐私保护的集合模式匹配协议
针对BPCS隐写的隐写分析法
融合复杂动态网络的模型参考自适应同步研究
YD/T 1926.3-2010: IT运维服务管理技术要求 第3部分:服务管理流程
ITU-T M.3702 Common Management Service - Notification management - requirements & analysis
ITU-T M.3704 Common Management Service - Performance management - requirements & analysis
YD/T 1926.1-2009 IT运维服务管理技术要求 第1部分:体系架构
YD/T 2068.2-2010:2GHz TD-SCDMA 多媒体广播系统(TD-MBMS)网络管理技术要求 第2部分:性能网络资源模型
YD/T 1926.5-2010; IT运维服务管理技术要求 第5部分:配置管理数据库
On the Cryptographic Properties of Binary 2(n)-periodic Sequences
Fault tolerant quantum secret sharing against collective-collectiveamplitude-damping noise
Cryptanalysis of multiparty controlled quantum secure direct communication using Greenberger-Horne-Z
Cryptanalysis and improvement of a multi-user quantum key distribution protocol
Quantum blind signature based on Two-State Vector Formalism
Improving the quantum secure direct communication by entangled qutrits and entanglement swapping aga
Economical quantum anonymous transmissions
Some improved results on communication between information systems
Participant attack on quantum secret sharing based on entanglement swapping
Secure authentication of classical messages with single photons
Towards Web Service Selection Based on Qos Estimation
SKIP: An efficient search mechanism in unstructured P2P networks
Cryptanalysis and improvement of a secure quantum sealed-bid auction
Multiparty quantum secret sharing with collective eavesdropping-check
Multiparty quantum secret sharing based on Bell measurement
Secure authentication of classical messages with decoherence-free states
Improved secure quantum sealed-bid auction
Secure quantum private comparison
Hybrid chaotic ant swarm optimization
Quantum secure direct communication over the collective amplitude damping channel
YD/T 2068.3-2010: 2GHz TD-SCDMA 多媒体广播系统(TD-MBMS)网络管理技术要求 第3部分:基于CORBA技术的网络资源模型设计
一种用于移动通信的匿名认证方案
Multi-policy threshold signature with distinguished signing authorities
改进的直接匿名认证方案
可转换认证加密的安全邮件协议
适用于协议特征提取的关联规则改进算法
A Unified Result For Variable-Rate Linear Network Coding
Variable-rate convolutional network coding
基于可重用基序列的量子安全通信方案
对一类无证书强代理签名方案的攻击及改进
TD-SCDMA无线接入网自主负载均衡管理方法
网络虚拟化环境下基于预测的资源重配置算法
普适终端业务的管理信息建模及实现机制
情感驱动的自私MANETs 节点协商机制
对一类强指定验证者签名方案的分析与改进
5元1-弹性布尔函数的代数免疫阶
现多重周期序列联合2-adic复杂度的稳定性
Trusted Mobile Client for Document Security in Mobile Office Automation
基于m序列的正形置换的构造与计数
Three-tangle for high-rank mixed states
A password-based secure communication scheme in battlefields for IOT
Revisiting the security of secure direct communication based on ping-pong protocol[Quantum Inf. Proc
Comment on “Eavesdropping on the improved three-party quantum secret sharing protocol”
Member expansion in quantum (t,n) threshold secret sharing schemes
Arbitrated quantum signature with an untrusted arbitrator
Participant attack on a kind of MQSS schemes based on entanglement swapping
Arbitrated quantum signature of classical message against collective amplitude damping nosie
Deterministic Clone of an Unknown N-qubit Entangled State with Assistance
A Computational Perspective on Network Coding
一种新的一阶段加密认证模式
终端业务上下文的定义方法及业务模型
High efficiency of two efficient QSDC with authentication is at the cost of their security
Cryptanalysis and Improvement of Quantum Secret Sharing Protocol between Multiparty and Multiparty w
三粒子纠缠W态隐形传态的正交完备基展开与算符变换
抗窃听的安全网络编码
Parameter Estimation of Dynamical Systems via Chaotic Ant Swarm
Secure network coding in the presence of eavesdroppers
Regularity and Green’s relations for finite E-order-preserving transformations semigroups
基于二值异或群的多轨迹识别算法
构建风险敏感的对等网安全信任模型
Efficient ID-based TPM Key Loading Scheme for Trusted Platform
Verifiable Quantum (k,n)-threshold Secret Key Sharing
A note on communicating between information systems based on including degrees
Affine braid groups: a better platform than braid groups for cryptology
A local-world heterogeneous model of wireless sensor networks with node and link diversity
Fair quantum blind signatures
Cryptanalysis of a chaotic communication scheme using parameter observer
Comment on “General relation between the transformation operator and an invariant under stochastic l
Cryptanalysis and improvement of a DSQC using four-particle entangled state and entanglement swappin
Reexamining the security of the reconstruction phase of the Hillery-Buaek-Berthiaume quantum secret-
Comment on Lee et al.'s group signature and e-auction scheme
A steganographic method for digital images with four-pixel differencing and modified LSB substitutio
Fault-tolerant quantum secret sharing against collective noise
Parameter identification and synchronization of dynamical system by introducing auxiliary subsystem
An improved semantically-secure identity-based signcryption scheme in the standard model
Discrete logarithm additively homomorphic encryption and secure data aggregation
Cryptanalysis of the arbitrated quantum signature protocols
Single-Photon?Multiparty?Quantum?Cryptographic?Protocols?with?Collective?Detection
An Economical Scheme for Cloning an Unknown M-qudit Equatorial-like State with Assistance
无线传感器网络中的一种基于移动Agent的动态入侵检测系统
Research of Spatial Domain Image Digital Watermarking Payload
Efficient Text Representation via Weighted Co-Contributions of Terms on Class Tendency
基于区域相关性的LSB匹配隐写分析
Modelling Dynamics of Disaster Spreading in Community Networks
Quantum key distribution by constructing nonorthogonal states with Bell states
A New Solution to Detectable Byzantine Agreement Problem
Information leakage in three-party simultaneous quantum secure direct communication with EPR pairs
A Novel Real-Time Interactive LBS Systerm for Large-Scale Smart Parks
Universal Three-Party Quantum Secret Sharing Against Collective Noise
3GPP认证与密钥协商协议安全性分析
基于信号稳定度提高RFID识别率的方法
多元合同签署协议
综合迁移成本和通信成本的云计算节能策略
节点信誉相关的无线传感器网络故障检测
强鲁棒零水印技术
基于动态失真补偿量化索引调制的可逆数据隐藏算法
一种延迟容忍移动传感器网络自适应连接探测机制
基于网络处理器的自相似流量仿真系统
基于模型的Web Service性能测试方法
下一代网络终端管理系统体系结构及流程实现
区分服务QoP的可生存虚拟网络映射算法研究
基于多个独立区分特征的序列密码最优联合区分器
双连接文件安全传输的设计与实现
关于二阶代数免疫布尔函数的几个结果
一类二阶代数免疫函数的结构
基于云模型的不确定性QoS感知的Skyline服务选择
具有最高代数免疫阶的布尔函数的构造
基于EPR态的量子代理签名方案
一种运用游程编码的大数模乘算法
Three-party quantum secret sharing of secure direct communication based on x-type entangled states
Economical multiparty simultaneous quantum identity authentication based on Greenberger-Horne-Zeilinger states
Deterministic and exact entanglement teleportation via the W state
Participant attack on quantum secret sharing based on entanglement swapping
情感驱动的自私MANETs节点协商机制
基于多代理协作的IT复杂应用管理任务分解算法
哼唱检索中联合音高与能量的音符切分算法
ID保护的物联网T2ToI中能量高效的健壮密钥管理方案
DRT:一种云计算中可信软件服务的通用动态演变鲁棒信任模型
基于粒子群优化的负载均衡的虚拟网络映射
面向本体实例生成的有限汉语语法学习系统
基于分形理论P2P流量行为的自相似性
用户评价的信息系统服务质量评估模型
基于DWT-DCT-SVD的音频盲水印算法
IMS网络中畸形SIP信令的快速检测
无线接入网自主覆盖优化方法
TD-SCDMA无线接入网高负载小区中断补偿方法
基于协作交互的概率性数据包标记溯源方法
面向SNS用户访问行为的Web缓存预测替换
动态网络中的高效多故障诊断技术
基于净图描述的通用隐写分析技术
基于Java安全体系结构的托管PaaS平台安全容器
单码流场景下P2P流媒体直播数据调度方法
Web服务选择中信誉度评估方法
基于构件技术的移动SNS服务端架构
复杂上下文感知的组合服务选择框架
基于通用DSP的视频解码器的优化实现
一种基于Volterra级数的云平台自适应失效检测机制
MSTP业务管理系统的分析与设计
数据中心多维感知的资源联合优化调整策略(英文)
基于贝叶斯模型的高效主动探测算法(英文)
无线泛在网的用户体验质量综合评估机制(英文)
基于非均衡变异离散粒子群算法的QoS全局最优Web服务选择方法
基于DSP6000的实验室安全控制系统研究
基于支持向量机与余弦夹角法的中文网页过滤的研究与设计
基于遗传算法的聚焦爬虫搜索策略设计与研究
Fast coding in digital steganography
Improving the security of secure deterministic communication scheme based onquantum remote state preparation
Virtual network mapping algorithm for large-scale network environment
GPSA: A Greedy Pull-based Scheduling Approach for P2P Live Streaming under Heterogeneous Environments
Automatic Approach to Ontology Evolution Based on Change Impact Comparisons
GF(2~(192))域上ECC加密的FPGA实现
eTOM与ITIL融合方法研究
基于第三方支付的移动数字作品交易模型
NMS-EMS网络管理接口标准现状综述及展望
Quantum secret sharing between multiparty and multiparty with entanglement swapping
Secure authentication of classical messages with single photons
Entanglement distribution using three-mode separable state with imperfect equipments
General description of discriminating quantum operations
期刊信息
  • 《哈尔滨工业大学学报》
  • 中国科技核心期刊
  • 主管单位:中华人民共和国工业和信息化部
  • 主办单位:哈尔滨工业大学
  • 主编:冷劲松
  • 地址:哈尔滨市南岗区西大直街92号
  • 邮编:150001
  • 邮箱:
  • 电话:0451-86403427 86414135
  • 国际标准刊号:ISSN:0367-6234
  • 国内统一刊号:ISSN:23-1235/T
  • 邮发代号:14-67
  • 获奖情况:
  • 2000年获黑龙省科技期刊评比一等奖,中国期刊方阵“双效”期刊
  • 国内外数据库收录:
  • 美国化学文摘(网络版),美国数学评论(网络版),德国数学文摘,荷兰文摘与引文数据库,美国工程索引,美国剑桥科学文摘,日本日本科学技术振兴机构数据库,中国中国科技核心期刊,中国北大核心期刊(2004版),中国北大核心期刊(2008版),中国北大核心期刊(2011版),中国北大核心期刊(2014版),中国北大核心期刊(2000版)
  • 被引量:27329