作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2011, Vol. 37 ›› Issue (8): 127-129. doi: 10.3969/j.issn.1000-3428.2011.08.043

• 安全技术 • 上一篇    下一篇

基于动态贝叶斯网络的入侵意图识别方法

吴庆涛,王琦璟,郑瑞娟   

  1. (河南科技大学电子信息工程学院,河南 洛阳 471003)
  • 出版日期:2011-04-20 发布日期:2012-10-31
  • 作者简介:吴庆涛(1975-),男,副教授、博士,主研方向:网络信息安全;王琦璟,硕士研究生;郑瑞娟,副教授
  • 基金资助:
    国家自然科学基金资助项目(61003035);河南省教育厅自然科学研究计划基金资助项目(2009A520012);河南省高校青年骨干教师资助计划基金资助项目(教高[2009]884号)

Intrusion Intention Recognition Method Based on Dynamic Bayesian Networks

WU Qing-tao, WANG Qi-jing, ZHENG Rui-juan   

  1. (College of Electronic & Information Engineering, Henan University of Science and Technology, Luoyang 471003, China)
  • Online:2011-04-20 Published:2012-10-31

摘要: 在构建高层次攻击场景和处理复杂攻击时,入侵检测技术难以有效察觉入侵者的意图、识别攻击间的语义以及预测下一步攻击。为此,针对网络复杂攻击过程中的不确定性,提出一种基于动态贝叶斯网络的入侵意图识别方法,采用动态贝叶斯有向无环图实时表述攻击行为、意图与攻击目标之间的关联,应用概率推理方法预测入侵者的下一步攻击。实验结果反映入侵者的意图在入侵过程中的变化规律,验证该方法的有效性。

关键词: 动态贝叶斯网络, 入侵意图, 有向无环图, 概率推理

Abstract: It is difficult to detect the intention of an intruder, identify semantics of attacks and predict further attacks effectively using intrusion detection methods in the construction of high-level attack scenario and disposal of sophisticated attack. Aiming at the uncertain question in the attack process, this paper presents an intrusion intention recognition method based on Dynamic Bayesian Networks(DBN). Directed Acyclic Graph(GAG) is used to express the connection between attack behavior, attack plan and objectives, and the probabilistic reasoning method is used to predict next attack. Experiments reflect the change law of intrusion intention in the attack process, and proves the feasibility and validity.

Key words: Dynamic Bayesian Networks(DBN), intrusion intention, Directed Acyclic Graph(GAG), probabilistic reasoning

中图分类号: