计算机工程

• 安全技术 • 上一篇    下一篇

基于贝叶斯推理的PASG计算模型

王辉 1,亢凯航 1,刘淑芬 1,2   

  1. (1.河南理工大学 计算机科学与技术学院,河南 焦作 454000;2.吉林大学 计算机科学与技术学院,长春 130012)
  • 收稿日期:2015-11-13 出版日期:2016-11-15 发布日期:2016-11-15
  • 作者简介:王辉(1975—),男,副教授、博士,主研方向为网络安全、无线传感器网络;亢凯航,硕士研究生;刘淑芬,教授。
  • 基金项目:
    国家自然科学基金(61300216);高等学校博士学科点专项科研基金(20124116120004);河南省教育厅科学技术研究重点基金(13A510325)。

PASG Computational Model Based on Bayesian Inference

WANG Hui  1,KANG Kaihang  1,LIU Shufen  1,2   

  1. (1.College of Computer Science and Technology,Henan Polytechnic University,Jiaozuo,Henan 454000,China; 2.College of Computer Science and Technology,Jilin University,Changchun 130012,China)
  • Received:2015-11-13 Online:2016-11-15 Published:2016-11-15

摘要: 互联网中存在的内部威胁具有隐蔽性高、难以管理等特点。为此,建立一种针对内部威胁的贝叶斯网络攻击图(BNAG)模型。将攻击者在攻击过程中的行为作为研究对象,以行为在其动作期间的资源指向为基础,通过<行为,资源>二元组对模型内部进行分析,同时基于BANG模型,量化分析其中的资源与行为、行为与资源间的关联度,进一步给出贝叶斯网络节点概率计算模型(PASG)。将似然加权法作为评估抽样方法,对内部威胁进行预测分析。实例分析结果表明,PASG模型对内部威胁能够起到有效的预测及防范作用。

关键词: 内部威胁, 贝叶斯网络, 网络攻击图, 似然加权, 信息融合

Abstract: For the characteristics of insider threats in Internet,such as high concealment and difficult management,this paper proposes a Bayesian Network Attack Graph(BNAG) model which aims at insider threats.It takes the behavior of attacker in the attack process as the research object,takes the resource point of the behavior pointing as the basis,and analyses internal threats by the two-tuples .Relying on the BNAG model,it quantitatively analyses the relationship between resources and behavior,behavior and resources in the model,and proposes Probability of Attack Structure Graph(PASG) computational model based on Bayesian reseasoning.It forecasts and analyses the internal threats by the modified likelihood weighting method.The example analysis result shows that the proposed model can effectively forcast and prevent the insider threats.

Key words: insider threat, Bayesian network, network attack graph, likehood weighting, information fusion

中图分类号: