摘要： 分析并比较现有网络安全态势评估方法，从网络拓扑结构出发，引入图论算法和数据挖掘的聚类方法，提出一种针对分布式系统的安全态势评估方法。利用图聚类算法生成分布式系统网络连通图的聚类结果，计算拓扑完整性参考值，作为衡量分布式系统拓扑完整程度的指标，进行安全态势的量化分析。根据该方法实现低人为干预的安全态势评估原型系统，使用网络仿真工具验证了算法正确性和适用性。

关键词: 安全态势评估, 拓扑完整性参考值, 连通图, 聚类

Abstract: This paper analyzes and compares several typical existing methods of security situational assessment, and proposes a brand new way of assessing the security situation of distributed systems based on network topology, which incorporates both graph algorithms and a clustering algorithm of data mining. Clustering result of the connected graph corresponding to the distributed system is generated by graph clustering algorithm to calculate the integrity reference as a measure of the degree of integrity of the distributed system topology, which is used for quantitative situation assessment. This method achieves less artificial interference and its correctness and applicability are verified by simulated experiments with the network simulation tool.

Key words: security situation assessment, topology integrity reference value, connected graph, clustering

中图分类号: 

• TP393.08