计算机工程 ›› 2020, Vol. 46 ›› Issue (12): 127-133.doi: 10.19678/j.issn.1000-3428.0059022

• 网络空间安全 • 上一篇    下一篇

基于分级优化置信规则库的网络安全态势预测方法

胡庆爽a, 李成海b, 路艳丽b, 宋亚飞b   

  1. 空军工程大学 a. 研究生院;b. 防空反导学院, 西安 710051
  • 收稿日期:2020-07-22 修回日期:2020-08-25 发布日期:2020-08-26
  • 作者简介:胡庆爽(1996-),男,硕士研究生,主研方向为防空反导网络信息防御;李成海,教授、博士;路艳丽,讲师、博士;宋亚飞,副教授、博士。
  • 基金项目:
    国家自然科学基金(61703426);中国博士后科学基金(2018M633680);陕西省高校科协青年人才托举计划(20190108)。

Network Security Situation Prediction Method Based on Hierarchically Optimized Belief Rule Base

HU Qingshuanga, LI Chenghaib, LU Yanlib, SONG Yafeib   

  1. a. Graduate School;b. College of Air and Missile Defense, Air Force Engineering University, Xi'an 710051, China
  • Received:2020-07-22 Revised:2020-08-25 Published:2020-08-26

摘要: 基于置信规则库的网络安全态势预测将定性经验知识与定量网络数据结合,具有较好的预测效果,但当训练数据分布不均时,传统整体优化的预测方法易导致过拟合造成预测精度较低。为此,利用置信规则库中规则作用范围有限的特性,提出一种将置信规则库分级优化的网络安全态势预测方法。建立模型作用空间并划分规则作用域,将训练数据按照输入坐标分配到对应的规则作用域,通过设定临界值将规则划分为可完全优化、可部分优化与不可优化3个等级,同时减少规则中待优化参数量。实验结果表明,与GAO-BRB、PSO-BRB等预测方法相比,本文方法能有效避免过拟合现象,网络安全态势预测精度更高。

关键词: 网络安全态势预测, 置信规则库, 分级优化, 作用域, 临界值

Abstract: The Network Security Situation Prediction(NSSP) based on the Belief Rule Base(BRB) combines qualitative empirical knowledge with quantitative network data,and has good prediction effect.However,when the training data is not evenly distributed,the traditional prediction method for overall optimization tend to cause overfitting,which leads to a low prediction accuracy.To address the problem,this paper considers the limited scope of rules in the BRB,and proposes a NSSP method based on Hierarchically Optimized Belief Rule Base(HOBRB).The action space of the model is established and the rule scope is divided.Then the training data is allocated to the corresponding rule scope according to the input coordinates.By setting the critical value,the rules are divided into three levels:the fully optimizable ones,the partially optimizable ones,and the non-optimizable ones.Meanwhile,the number of parameters to be optimized in the rules is reduced.Experimental results show that compared with GAO-BRB,PSO-BRB and other prediction methods,the proposed method can effectively avoid overfitting,and improve the prediction accuracy of network security situation.

Key words: Network Security Situation Prediction (NSSP), Belief Rule Base(BRB), hierarchical optimization, scope, critical value

中图分类号: