摘要： 对网络安全态势估计的内在实质进行分析，指出网络安全态势估计实质上是利用网络安全事件的信息和知识，对网络安全态势进行不确定推理的过程。提出网络系统安全态势估计的三层模型。采用信息熵的理论和方法，定义网络安全态势估计的信息熵，证明多个检测器所获的安全事件信息经过融合处理后，网络安全态势估计的不确定性明显下降，论证信息融合思想在网络安全态势估计应用中的可 行性。

关键词: 网络安全, 态势估计, 融合模型, 信息熵

Abstract: The essence of network security situation assessment has been studied by the formal method, and this paper thinks that the network security situation assessment is the process of uncertainty reasoning on network security situation using the information and knowledge of security incidents. The three-tier model for network security situation assessment is proposed. The theoretical analysis method using information entropy theory is studied, which demonstrate the scientific feasibility of the information fusion and situation assessment applied in network security situation assessment system.

Key words: network security, situation assessment, fusion model, information entropy

中图分类号: 

• TP309