中文摘要：

现有网络安全态势预测方法无法准确反映未来安全态势要素值变化对未来安全态势的影响,且不能很好地处理各安全要素间的相互影响关系对未来网络安全态势的影响,提出了基于时空维度分析的网络安全态势预测方法.首先从攻击方、防护方和网络环境3方面提取网络安全态势评估要素,然后在时间维度上预测分析未来各时段内的安全态势要素集,最后在空间维度上分析各安全态势要素集及其相互影响关系对网络安全态势的影响,从而得出网络的安全态势.通过对公用数据集网络的测评分析表明,该方法符合实际应用环境,且相比现有方法提高了安全态势感知的准确性.

英文摘要：

Network security situation prediction methods can make the security administrator better understand the network security situation and the network situation trend. However, the existing security situational prediction methods can not precisely reflect the variation of network future security situation caused by security elements＇ change and do not handle the impact of the interaction relationship between the various security elements of future network security situation. In view of this situation, a network situation prediction method based on spatial-time dimension analysis is presented. The proposed method extracts security elements from attacker, defender and network environment. We predict and analyze these elements from the time dimension in order to provide data for the situation calculation method. Using the predicted elements, the impact value caused by neighbor node＇s security situation elements is computed based on spatial data mining theory. In combination with node＇s degree of importance, the security situation value is obtained. To evaluate our methods, MIT Lincoln Lab＇s public dataset is used to conduct our experiments. The experiments results indicate that our method is suitable for a real network environment. Besides, our method is much more accurate than the ARMA model method.