Intelligent mining model of attack events based on Bayesian network

Affiliation:

Research Institute of Electronic Science and Technology, University of Electronic Science and Technology of China, Chengdu, Sichuan 611731, China

About the authors:

LI Yuefeng (1997-), male, master's student; main research interest: computer network security. Email: 1139627163@qq.com.
LIU Dan (1969-), male, Ph.D., associate professor; main research interests: network security and natural language processing.
Abstract:

Traditional intrusion detection systems have difficulty identifying the association relationships among network attack behaviors. Guided by the attack graph representation model, an intelligent mining model of attack events based on a Bayesian network is proposed. A Bayesian attack behavior association graph is established from prior knowledge. Network attack behaviors are aggregated based on attribute similarity. An efficient Ex-Apriori algorithm is designed for network attack scenarios to discover the association rules among attack behaviors, and an attack behavior group set is established. Finally, the attack behavior group set is evaluated using the parameters of the Bayesian attack behavior association graph to discover attack events. Experiments show that the model can effectively extract network attack events and discover attack paths, providing theoretical and technical support for the discovery of network attack events and for countermeasures against them.

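Cite this article

LI Yuefeng, LIU Dan. Intelligent mining model of attack events based on Bayesian network[J]. Journal of Terahertz Science and Electronic Information Technology, 2023, 21(11): 1370~1380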

History
  • Received: 2021-07-20
  • Last revised: 2021-09-02
  • Published online: 2023-11-28