CN104539601A - Reliability analysis method and system for dynamic network attack process - Google Patents
Abstract
The invention relates to a reliability analysis method and system for a dynamic network attack process. The method comprises: S1, establishing a Petri net model of the network attack process; S2, firing transitions according to a transition firing rule and calculating the confidence of the conclusion proposition; S3, adjusting the resource consumption of the Petri net model of the network attack process with a particle algorithm, according to the confidence of the conclusion proposition; S4, evaluating, according to the resource consumption, the reliability of the instantaneous system state when an attack occurs. Because a Petri net model of the network attack process is established and the resource consumption in the model is adjusted, a reliability ranking of all attack paths can be obtained, which gives network administrators a basis for predicting attack paths.
Description
Technical field
The present invention relates to the technical field of network security, and in particular to a reliability analysis method and system for a dynamic network attack process based on a two-stage optimization algorithm.
Background art
A network attack process is the process by which an attacker, starting from given preconditions and a target, gathers information and escalates privileges through a sequence of steps. Within such a process, the attack graph is an analysis method applied to network vulnerabilities: it analyzes the dependencies between vulnerabilities so that network administrators can know in advance, or predict, the attack sequences (attack paths) that may occur, take preventive measures in time, improve the security of the network and reduce the occurrence of network attacks. In specific business scenarios, because of factors such as the importance of each node and resource costs, it is often necessary to analyze further the resource consumption of each vulnerability, generate the attack graph for each corresponding resource-consumption path, and determine the reliability ranking of the attack paths for each resource consumption of a vulnerability, so that security resources are allocated reasonably and the success rate of attack path prediction improves. However, when the resource consumption of each vulnerability in an attack graph is analyzed, the resource consumption often carries a large amount of fuzzy information. In such cases it is more appropriate to estimate the reliability of the network attack process through fuzzy operations on fuzzy numbers. Fuzzy system reliability theory is the product of combining fuzzy mathematics with system reliability; it studies fuzzy phenomena in system reliability analysis, is a useful complement to conventional reliability design, and is currently the mainstream method for handling fuzzy uncertainty problems. Handling large, complex systems from the standpoint of fuzzy theory will therefore become one of the focal points of system reliability research, and it has become a direction that many scholars are working on.
In the area of network attack process reliability, a large amount of research and testing has been carried out in recent years, a variety of reliability analysis methods have been proposed, and techniques from other fields have been brought into reliability analysis; these methods have some applicability to the reliability analysis of network attack processes. Overall, however, reliability analysis methods for network attack processes need further study and refinement. Faced with increasingly complex network attack processes and increasingly precise reliability analysis methods, the accuracy of the parameter values of the network attack process becomes the main factor affecting network attack process reliability, and optimizing parameter values under dynamically changing states remains the key difficulty of network attack process reliability analysis.
Reliability analysis of network attack processes based on parameter evaluation is a relatively new approach, proposed in recent years, that builds on optimal parameter values. It mainly evaluates the fuzzy parameter values of the network attack process by computational intelligence and then carries out the reliability analysis by certain technical means. Reliability analysis based on fuzzy parameter values is still immature, however, and mainly faces the following problems:
(1) Because the states of a network attack process change dynamically, when the state of the process changes, the parameters of the original model, such as thresholds, no longer apply, and the parameters of the network attack process must be re-annotated on the model. The adaptability of network attack process models therefore needs improvement and requires the support of a systematic model. Building a dynamic model of the network attack process based on its dynamically changing character is thus of significant research value and supports every stage of multi-state system reliability analysis.
(2) The parameter values of a network attack process reliability model are generally determined by human experience, which brings the uncertainty of human experience into the algorithm and easily affects its accuracy. Research into methods that adaptively adjust the parameter values of the network attack process from samples is therefore particularly important.
(3) Overall, although a theoretical framework for network attack processes has begun to take shape, a general model for the reliability analysis of the various real network attack processes is still lacking. At present only certain special technical methods can be used to handle certain classes of network attack process. Fuzzy reliability theory is still at a preliminary stage of development, both in theoretical research and in engineering application, and the fuzzy reliability model of a general system still has no clear physical definition. Fuzzy reliability for network attack processes is more complex still, and no general, reasonable computational analysis model exists. The application background, structure and performance of a large, complex network attack process, and its relationship to its subsystems, must be understood in depth in order to model and analyze its fuzzy reliability.
Summary of the invention
In view of the above problems, the invention provides a reliability analysis method and system for a dynamic network attack process. By establishing a Petri net model of the network attack process and adjusting the resource consumption in the model, a reliability ranking of each attack path can be given, providing network administrators with a basis for predicting attack paths.
To this end, one aspect of the invention provides a reliability analysis method for a dynamic network attack process, characterized in that the method comprises:
S1, establishing a Petri net model of the network attack process;
S2, firing transitions according to the transition firing rule, and calculating the confidence of the conclusion proposition;
S3, adjusting the resource consumption of the Petri net model of the network attack process with a particle algorithm, according to the confidence of the conclusion proposition;
S4, evaluating, according to the resource consumption, the reliability of the instantaneous system state when an attack occurs.
Wherein the Petri net model of the network attack process is established as:
$S_{MSPN} = \langle P, D, T, I, O, \alpha, T_h, \tau \rangle$,
where $P = \{P_1, P_2, \dots, P_n\}$ is the finite set of places; $T = \{t_1, t_2, \dots, t_m\}$ is the finite set of transitions; $D$ is the finite set of propositions; $I$ is the input matrix and $O$ is the output matrix; $\alpha$ is the confidence of the proposition corresponding to a place; $T_h$ represents the resource consumption during state changes; and $\tau$ is the average firing rate of the transitions.
Wherein step S3 specifically comprises:
S31, setting the first-stage iteration count $d_1$, setting the first-stage permissible error $\varepsilon_1$, and taking the initial resource consumption vector as $t_{h01}$;
S32, calculating the confidence error vector:
where the two quantities denote, respectively, the actual output confidence token value and the expected confidence token value of place $p_i$ for the $z$-th batch of sample data, $b$ is the number of places, and there are $g$ batches of sample data in total;
S33, judging: if so, performing step S6; otherwise performing the next step;
S34, adjusting the resource consumption with the particle swarm algorithm, the adjustment equation being:
where $v_{id}$ is the adjustment velocity of place $p_i$ at the $d$-th iteration; $t_{hid}$ is the resource consumption of place $p_i$ at the $d$-th iteration; $p_{ld}$ and $p_{gd}$ are, respectively, the historical best value of each particle and the best value over all particles; $\omega$ is the coefficient for retaining the original velocity; $c_1$ and $c_2$ are, respectively, the coefficients with which a particle tracks its own historical best value and the swarm's best value; $\gamma_1$ and $\gamma_2$ are random numbers uniformly distributed in the interval [0, 1]; and $r$ is the number of adjustments;
S35, judging: if so, $d_1 = d_1 + 1$ and returning to step S33; if
then performing step S34;
S36, the adjustment ends; the first-stage resource consumption vector becomes
and the resource consumption parameter is
Wherein step S3 further comprises:
S37, setting the second-stage iteration count $d_2$, setting the second-stage permissible error $\varepsilon_2$, and taking the initial resource consumption vector as $t_{h02}$;
S38, calculating the confidence error vector:
S39, judging: if so, performing step S6; otherwise performing the next step;
S310, adjusting the resource consumption with the improved particle swarm optimization algorithm, the adjustment equation of the improved particle swarm optimization algorithm being:
where ps is the weighted total least squares weight;
S311, judging: if so, $d_2 = d_2 + 1$ and returning to step S38; if
then performing step S310;
S312, the adjustment ends; the resulting resource consumption vector is
and the resource consumption parameter is
Wherein the value of ps is computed as follows:
According to the membership function of the particles' resource consumption, a fitness transformation function is chosen:
where GM is the estimated extreme value of the particle resource consumption membership function f(x), a is a positive constant reflecting the scale transformation, and f(x) is the weighting function value of particle x;
The fitness values of the particles are normalized to obtain the influence degree of each particle:
The influence degrees of the particles are combined, and the current value $p_{gd}$ of the best particle in the standard particle algorithm is considered through the weighted total least squares weight ps:
According to another aspect of the invention, a reliability analysis system for a dynamic network attack process is provided, characterized in that the system comprises:
a Petri net model establishing unit, for establishing the Petri net model of the network attack process;
a confidence calculation unit, for firing transitions according to the transition firing rule and calculating the confidence of the conclusion proposition;
a resource consumption adjustment unit, for adjusting the resource consumption of the Petri net model of the network attack process with a particle algorithm, according to the confidence of the conclusion proposition;
a reliability analysis unit, for evaluating, according to the resource consumption, the reliability of the instantaneous system state when an attack occurs.
With the reliability analysis method and system for a dynamic network attack process of the invention, a Petri net model of the network attack process is established and the resource consumption in the model is optimized in two stages, so that even with incomplete information a reliability ranking of each attack path can be given, providing network administrators with a basis for predicting attack paths.
Brief description of the drawings
The features and advantages of the invention can be understood more clearly with reference to the accompanying drawings, which are schematic and should not be construed as limiting the invention in any way. In the drawings:
Fig. 1 shows the flow chart of the reliability analysis method for a dynamic network attack process of the invention.
Fig. 2 shows the structural block diagram of the reliability analysis system for a dynamic network attack process of the invention.
Fig. 3 shows the laboratory network topology of one embodiment of the invention.
Fig. 4 shows the sub-attack graph of the laboratory network of one embodiment of the invention.
Fig. 5 shows a schematic of the Petri net model of the network attack process for the laboratory network of one embodiment of the invention.
Fig. 6 shows the first-stage adjustment results of the embodiment of the invention.
Fig. 7 shows the second-stage adjustment results of the embodiment of the invention.
Detailed description
To make the purpose, technical solutions and advantages of the embodiments of the invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the accompanying drawings. The described embodiments are evidently only some, not all, of the embodiments of the invention. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the invention without creative effort fall within the scope of protection of the invention.
Fig. 1 shows the flow chart of the reliability analysis method for a dynamic network attack process of the invention.
With reference to Fig. 1, the reliability analysis method for a dynamic network attack process of the invention proceeds as follows:
S1, establish the Petri net model of the network attack process.
To address the fuzziness and uncertainty of information in reliability assessment of network attack processes with dynamically changing states, the invention builds a network attack process Petri net model for such processes on the basis of fuzzy Petri net and state machine Petri net modeling criteria, and uses the Petri net model to improve the efficiency of reliability analysis.
In one embodiment of the invention, the Petri net model of the network attack process is defined as an eight-tuple: $S_{MSPN} = \langle P, D, T, I, O, \alpha, T_h, \tau \rangle$,
where $P = \{P_1, P_2, \dots, P_n\}$ is the finite set of places (states), representing each possible state; $P_i$ represents the state set of a node;
$T = \{t_1, t_2, \dots, t_m\}$ is the finite set of transition nodes, representing the connections between the states of the network attack process;
$I: P \to T$ is the input matrix, reflecting the mapping from places to transitions; $I = \{\delta_{ij}\}$, where $\delta_{ij}$ is a logical quantity, $\delta_{ij} \in \{0, 1\}$; when $P_i$ is an input of $t_j$ (that is, a directed arc from $P_i$ to $t_j$ exists), $\delta_{ij} = 1$; when $P_i$ is not an input of $t_j$ (that is, no directed arc from $P_i$ to $t_j$ exists), $\delta_{ij} = 0$; $i = 1, 2, \dots, n$, $j = 1, 2, \dots, m$;
$O: T \to P$ is the output matrix, reflecting the mapping from transitions to places; $O = \{\gamma_{ij}\}$, where $\gamma_{ij}$ is a logical quantity, $\gamma_{ij} \in \{0, 1\}$; when $P_i$ is an output of $t_j$ (that is, a directed arc from $t_j$ to $P_i$ exists), $\gamma_{ij} = 1$; when $P_i$ is not an output of $t_j$ (that is, no directed arc from $t_j$ to $P_i$ exists), $\gamma_{ij} = 0$; $i = 1, 2, \dots, n$, $j = 1, 2, \dots, m$;
$T_h$: $T_h = \mathrm{diag}\{\lambda_1, \lambda_2, \dots, \lambda_m\}$, where $\lambda_i \in [0, 1]$ is a fuzzy number representing the firing threshold of transition $t_j$; in addition, as the state of the network attack process changes, it can be used to represent the resource consumption during the state change;
$\tau = \{\tau_1, \tau_2, \dots, \tau_n\}$ is the average firing rate of transition $t_j$, that is, the average number of firings per unit time when the transition is enabled, in firings per unit time. The number of firings is a positive real fuzzy number.
The network attack process Petri net model proposed in this patent is built on fuzzy Petri nets and state machine Petri nets. The inputs and outputs of transitions represent node states; each node state may contain several fuzzy propositions, each with a different confidence, which constrain the preconditions that must be met for different state changes to occur. The transition threshold is a fuzzy number in the interval [0, 1] and represents the resource consumption during a state change.
S2, fire transitions according to the transition firing rule, and calculate the confidence of the conclusion proposition;
When transition $t_k$ fires, the token values in its input places do not change, and the new confidence value transmitted to output place $p_i$ is:
where $j = 1, 2, \dots, n$ and $k = 1, 2, \dots, m$.
S3, adjust the resource consumption of the Petri net model of the network attack process with a particle algorithm, according to the confidence of the conclusion proposition;
In one embodiment, the adjustment of step S3 is carried out in two stages. The first stage proceeds as follows:
S31, set the first-stage iteration count $d_1$, set the first-stage permissible error $\varepsilon_1$, and take the initial resource consumption vector as $t_{h01}$;
S32, calculate the confidence error vector:
where the two quantities denote, respectively, the actual output confidence token value and the expected confidence token value of place $p_i$ for the $z$-th batch of sample data, $b$ is the number of places, and there are $g$ batches of sample data in total;
S33, judge: if so, perform step S6; otherwise perform the next step;
S34, adjust the resource consumption with the particle swarm algorithm, the adjustment equation being:
where $v_{id}$ is the adjustment velocity of place $p_i$ at the $d$-th iteration; $t_{hid}$ is the resource consumption of place $p_i$ at the $d$-th iteration; $p_{ld}$ and $p_{gd}$ are, respectively, the historical best value of each particle and the best value over all particles; $\omega$ is the coefficient for retaining the original velocity; $c_1$ and $c_2$ are, respectively, the coefficients with which a particle tracks its own historical best value and the swarm's best value; $\gamma_1$ and $\gamma_2$ are random numbers uniformly distributed in the interval [0, 1]; and $r$ is the number of adjustments;
S35, judge: if so, $d_1 = d_1 + 1$ and return to step S33; if
then perform step S34;
S36, the adjustment ends; the first-stage resource consumption vector becomes
and the resource consumption parameter is
In the first-stage adjustment, after many iterations of the improved particle algorithm the swarm has largely stabilized. $p_{gd}$ is determined directly by the currently most successful particle, but the search direction then tends to be controlled by a few super particles with an absolute advantage; these particles do not necessarily lead the swarm towards the global optimum, which makes premature convergence likely. To avoid this, after the first-stage adjustment has been carried out, the second stage applies a transformation function which ensures that the probability of a particle being chosen as $p_{gd}$ is inversely proportional to its objective function value and that the transformed fitness is not less than zero. Because the improved algorithm has a large number of particles and the influencing factors are complex, the fitness transformation function is chosen according to the membership function of the particles' resource consumption:
where GM is the estimated extreme value of the particle transition weight membership function f(x), a is a positive constant reflecting the scale transformation, and f(x) is the weighting function value of particle x. The fitness values of the particles are then normalized to obtain the influence degree of each particle:
The influence degrees of the particles are combined, and the current value $p_{gd}$ of the best particle in the standard particle algorithm is considered through the weighted total least squares weight ps.
The velocity/position update formula of the updated particle algorithm is then:
Based on the equations of the updated particle algorithm above, the second-stage adjustment is carried out as follows:
S37, set the second-stage iteration count $d_2$, set the second-stage permissible error $\varepsilon_2$, and take the initial resource consumption vector as $t_{h02}$;
S38, calculate the confidence error vector:
S39, judge whether $|E(t_{hd2})| < \varepsilon_2$; if so, perform step S6; otherwise perform the next step;
S310, adjust the resource consumption with the improved particle swarm optimization algorithm, the adjustment equation of the improved particle swarm optimization algorithm being:
where ps is the weighted total least squares weight;
S311, judge: if so, $d_2 = d_2 + 1$ and return to step S38; if
then perform step S310;
S312, the adjustment ends; the resulting resource consumption vector is
and the resource consumption parameter is
In the above two-stage optimization algorithm, to avoid slow convergence and falling into local minima during parameter optimization, each input sample does not act immediately on the weighted fuzzy Petri net model of the network attack process. Instead, once all the input samples of a training cycle have been fed in turn, all the errors are summed into a total error and the parameters are then modified together. In addition, to avoid premature convergence, the second stage of the algorithm applies a transformation function which ensures that the probability of a particle being chosen as $p_{gd}$ is inversely proportional to its objective function value and that the transformed fitness is not less than zero.
S4, evaluate, according to the resource consumption, the reliability of the instantaneous system state when an attack occurs.
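The two-stage adjustment of S31 to S36 and S37 to S312, run on a small constructed net, as an added Python example that is not code from the patent. The page's equations did not survive, so the firing rule, the squared-error function, the fitness transform `a * (GM - f)`, the use of ps as the guide in place of $p_{gd}$, and the seeding of stage 2 from the stage 1 result are all assumed forms; stage 1 uses the standard particle swarm velocity and position update, and the net, samples and hidden values are constructed.

```python
import random

# Constructed net (not the patent's Fig. 5): t0: p0->p1, t1: p0->p2, t2: p1->p3.
# I[i][j] = 1 when place p_i is an input of transition t_j; O[i][j] = 1 when it is an output.
I = [[1, 1, 0], [0, 0, 1], [0, 0, 0], [0, 0, 0]]
O = [[0, 0, 0], [1, 0, 0], [0, 1, 0], [0, 0, 1]]

def propagate(th, alpha0):
    """Fire t0..t2 in order. ASSUMED rule: the output place receives the input
    confidence scaled by (1 - th[j]); input token values are left unchanged."""
    alpha = list(alpha0)
    for j, cost in enumerate(th):
        src = min(alpha[i] for i in range(len(I)) if I[i][j])
        for i in range(len(O)):
            if O[i][j]:
                alpha[i] = max(alpha[i], src * (1.0 - cost))
    return alpha

def error(th, samples):
    """ASSUMED error: half the summed squared gap between actual and expected
    confidence over all places and all sample batches (total error per cycle)."""
    return 0.5 * sum((a - e) ** 2 for alpha0, want in samples
                     for a, e in zip(propagate(th, alpha0), want))

def weighted_guide(pbest, pcost, a=1.0):
    """Second-stage guide 'ps'. ASSUMED transform: F = a * (GM - f) with GM the
    worst error in the swarm, so F >= 0 and low-error particles weigh more."""
    gm = max(pcost)
    fit = [a * (gm - c) for c in pcost]
    total = sum(fit)
    if total == 0.0:                      # every particle is equally good
        return pbest[0][:]
    return [sum(f * p[d] for f, p in zip(fit, pbest)) / total
            for d in range(len(pbest[0]))]

def pso(samples, dim, rng, eps, n=300, iters=60, w=0.7, c1=1.5, c2=1.5,
        weighted=False, start=None):
    """Particle swarm search over resource consumption vectors in [0, 1]^dim."""
    pos = [[rng.random() for _ in range(dim)] for _ in range(n)]
    if start is not None:
        pos[0] = list(start)              # carry the previous stage's result forward
    vel = [[0.0] * dim for _ in range(n)]
    pbest = [p[:] for p in pos]
    pcost = [error(p, samples) for p in pos]
    g = min(range(n), key=pcost.__getitem__)
    gbest, gcost = pbest[g][:], pcost[g]
    for _ in range(iters):
        if gcost < eps:                   # permissible error reached
            break
        guide = weighted_guide(pbest, pcost) if weighted else gbest
        for k in range(n):
            for d in range(dim):
                vel[k][d] = (w * vel[k][d]
                             + c1 * rng.random() * (pbest[k][d] - pos[k][d])
                             + c2 * rng.random() * (guide[d] - pos[k][d]))
                pos[k][d] = min(1.0, max(0.0, pos[k][d] + vel[k][d]))
            c = error(pos[k], samples)
            if c < pcost[k]:
                pbest[k], pcost[k] = pos[k][:], c
                if c < gcost:
                    gbest, gcost = pos[k][:], c
    return gbest, gcost

def two_stage(seed=1):
    rng = random.Random(seed)
    hidden = [0.2, 0.5, 0.3]              # constructed values used to label the samples
    samples = [((a, 0, 0, 0), propagate(hidden, (a, 0, 0, 0)))
               for a in (0.9, 0.8, 0.7)]  # three constructed sample batches
    th1, e1 = pso(samples, 3, rng, eps=0.009)   # epsilon and population 300 from the embodiment
    th2, e2 = pso(samples, 3, rng, eps=1e-6, weighted=True, start=th1)
    return th1, e1, th2, e2

if __name__ == "__main__":
    th1, e1, th2, e2 = two_stage()
    print("stage 1:", [round(x, 3) for x in th1], e1)
    print("stage 2:", [round(x, 3) for x in th2], e2)
```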
Fig. 2 shows the structural block diagram of the reliability analysis system for a dynamic network attack process of the invention.
With reference to Fig. 2, another embodiment of the invention provides a reliability analysis system for a dynamic network attack process, which specifically comprises:
a Petri net model establishing unit 10, for establishing the Petri net model of the network attack process;
a confidence calculation unit 20, for firing transitions according to the transition firing rule and calculating the confidence of the conclusion proposition;
a resource consumption adjustment unit 30, for adjusting the resource consumption of the Petri net model of the network attack process with a particle algorithm, according to the confidence of the conclusion proposition;
a reliability analysis unit 40, for evaluating, according to the resource consumption, the reliability of the instantaneous system state when an attack occurs.
The reliability analysis method for a dynamic network attack process of the invention is illustrated below through a specific embodiment.
Fig. 3 shows the laboratory network topology of one embodiment of the invention. Fig. 4 shows the sub-attack graph of the laboratory network of one embodiment of the invention.
One embodiment of the present of invention are implemented by the laboratory network model of, and laboratory network model as shown in Figure 3.
In Fig. 3 the network topology has only an internal network part; the attacker can attack the target node in the site only through the intranet, which is formed by interconnected routers, a data center and terminal nodes. Its sub-attack graph is shown in Fig. 4.
Fig. 5 shows a schematic of the Petri net model of the network attack process for the laboratory network of one embodiment of the invention.
First, assume that the transitions in Fig. 5 are all enabled. The improved particle algorithm described above is used to learn the resource consumption of the weighted fuzzy Petri net of the network attack process: the iteration count is d = 0, the permissible error is set to ε = 0.009, the population size is 300, and the initial resource consumption vector $\omega_0$ is chosen as 300 random numbers between 0 and 1 (representing the possible values of attack transition resource consumption). For fairness, the confidence of every state proposition is uniformly set to 0.9. The two-stage optimization algorithm for resource consumption is then simulated in MATLAB.
Fig. 6 shows the first-stage adjustment results of the embodiment of the invention. Fig. 7 shows the second-stage adjustment results of the embodiment of the invention.
As Fig. 6 and Fig. 7 show, the simulation results indicate that the second-stage optimization clearly converges faster than the first stage, and the fitness function curve of the two-stage optimization algorithm proposed by the invention is very stable after convergence. The two-stage optimization algorithm of the invention thus clearly improves convergence speed and is very stable after convergence. The simulation also shows that convergence is very fast: as shown in Fig. 7, the optimized result is reached in roughly 90 steps. The two-stage optimization algorithm proposed here therefore achieves good results both in accelerating convergence and in avoiding premature convergence.
Finally, the expected instantaneous-state reliability performance is evaluated from the assessed resource consumption. MATLAB simulation shows that the reliability evaluation method proposed here is more accurate in calculating the expected instantaneous reliability performance of multi-branch attack paths and gives good theoretical guidance for predicting branch attack paths. The α-level cut sets of the expected instantaneous reliability performance of different attack states differ with the value of α, which also provides theoretical guidance for the reliability evaluation of dynamically changing network attack processes.
With the reliability analysis method and system for a dynamic network attack process of the invention, a Petri net model of the network attack process is established and the resource consumption in the model is optimized in two stages, so that even with incomplete information a reliability ranking of each attack path can be given, providing network administrators with a basis for predicting attack paths.
Although embodiments of the invention have been described with reference to the accompanying drawings, those skilled in the art can make various modifications and variations without departing from the spirit and scope of the invention, and all such modifications and variations fall within the scope defined by the appended claims.
Claims (6)
1. A reliability analysis method for a dynamic network attack process, characterized in that the method comprises:
S1, establishing a Petri net model of the network attack process;
S2, firing transitions according to the transition firing rule, and calculating the confidence of the conclusion proposition;
S3, adjusting the resource consumption of the Petri net model of the network attack process with a particle algorithm, according to the confidence of the conclusion proposition;
S4, evaluating, according to the resource consumption, the reliability of the instantaneous system state when an attack occurs.
2. The method according to claim 1, characterized in that the Petri net model of the network attack process is established as:
$S_{MSPN} = \langle P, D, T, I, O, \alpha, T_h, \tau \rangle$
where $P = \{P_1, P_2, \dots, P_n\}$ is the finite set of places; $T = \{t_1, t_2, \dots, t_m\}$ is the finite set of transitions; $D$ is the finite set of propositions; $I$ is the input matrix and $O$ is the output matrix; $\alpha$ is the confidence of the proposition corresponding to a place; $T_h$ represents the resource consumption during state changes; and $\tau$ is the average firing rate of the transitions.
3. The method according to claim 1, characterized in that step S3 specifically comprises:
S31, setting the first-stage iteration count $d_1$, setting the first-stage permissible error $\varepsilon_1$, and taking the initial resource consumption vector as $t_{h01}$;
S32, calculating the confidence error vector:
where the two quantities denote, respectively, the actual output confidence token value and the expected confidence token value of place $p_i$ for the $z$-th batch of sample data, $b$ is the number of places, and there are $g$ batches of sample data in total;
S33, judging: if so, performing step S6; otherwise performing the next step;
S34, adjusting the resource consumption with the particle swarm algorithm, the adjustment equation being:
where $v_{id}$ is the adjustment velocity of place $p_i$ at the $d$-th iteration; $t_{hid}$ is the resource consumption of place $p_i$ at the $d$-th iteration; $p_{ld}$ and $p_{gd}$ are, respectively, the historical best value of each particle and the best value over all particles; $\omega$ is the coefficient for retaining the original velocity; $c_1$ and $c_2$ are, respectively, the coefficients with which a particle tracks its own historical best value and the swarm's best value; $\gamma_1$ and $\gamma_2$ are random numbers uniformly distributed in the interval [0, 1]; and $r$ is the number of adjustments;
S35, judging: if so, $d_1 = d_1 + 1$ and returning to step S33; if
then performing step S34;
S36, the adjustment ends; the first-stage resource consumption vector becomes
and the resource consumption parameter is
4. The method according to claim 3, characterized in that step S3 further comprises:
S37, setting the second iteration count $d_2$ and the second permissible error $\varepsilon_2$; the initial consumed resource vector is $t_{h02}$;
S38, calculating the confidence error vector:
S39, judging
if so, performing step S6; otherwise performing the next step;
S310, adjusting the consumed resource with a modified particle swarm optimization, the adjustment equation of the modified particle swarm optimization being:
wherein ps is the weighted total least squares weight;
S311, judging
if so, then $d_2 = d_2 + 1$ and return to step S38; if
then perform step S310;
S312, the adjustment ends; the consumed resource vector obtained is
and the consumed resource parameter is
5. The method according to claim 4, characterized in that the value of ps is computed as follows:
according to the membership function of the consumed resource of the particles, a fitness transform function is chosen:
wherein GM is the estimated extreme value of the particle consumed-resource membership function $f(x)$, $a$ is a positive constant reflecting the change of scale, and $f(x)$ is the weighting function value of particle $x$;
the fitness values of the particles are normalized to obtain the influence degree of each particle:
combining the influence degrees of all particles, the weighted total least squares weight ps is used in considering the current value $p_{gd}$ of the best particle in the standard particle algorithm:
6. A dynamic network attack process reliability analysis system, characterized in that the system comprises:
a Petri net model establishing unit, for establishing the network attack process Petri net model;
a confidence computing unit, for firing transitions according to the transition firing rules and calculating the confidence of the conclusion proposition;
a consumed resource adjustment unit, for adjusting the consumed resource of the network attack process Petri net model with a particle swarm algorithm according to the confidence of the conclusion proposition;
a reliability analysis unit, for evaluating, according to the consumed resource, the instantaneous-state reliability of the system when an attack occurs.
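The adjustment loop of claims 3 to 5 (tolerance test, iteration limit, velocity and position update, influence-weighted swarm target) can be sketched as follows. This is an added example, not code from the patent: the update is the textbook particle swarm form, used because the patent's own equations do not survive on this page, and the confidence model, error measure, fitness transform and the use of the weighted blend as the swarm target are constructed assumptions.

```python
import math
import random

# Constructed stand-in for the Petri-net confidence computation: 3 places,
# 2 sample batches; output confidence is input * exp(-consumed resource).
INPUTS = [[0.9, 0.8, 0.7], [0.6, 0.9, 0.5]]
TRUE_T_H = [0.2, 0.5, 0.8]
EXPECTED = [[x * math.exp(-t) for x, t in zip(row, TRUE_T_H)] for row in INPUTS]

def confidence_error(t_h):
    # Assumed error measure: half the summed squared actual-vs-expected gap.
    return 0.5 * sum((x * math.exp(-t) - y) ** 2
                     for row, want in zip(INPUTS, EXPECTED)
                     for x, t, y in zip(row, t_h, want))

def influence_weighted_best(p_l, p_l_err, a):
    # Claim 5 shape: fitness transform -> normalised influence -> blended best.
    lo = min(p_l_err)
    fit = [math.exp(-a * (e - lo)) for e in p_l_err]  # assumed transform
    total = sum(fit)
    return [sum(f / total * p[d] for f, p in zip(fit, p_l))
            for d in range(len(p_l[0]))]

def pso_adjust(error, dim, eps, max_iter, n=12, omega=0.7, c1=1.5, c2=1.5,
               weighted=False, a=1.0, seed=1):
    rng = random.Random(seed)
    pos = [[rng.uniform(0.0, 1.0) for _ in range(dim)] for _ in range(n)]
    vel = [[0.0] * dim for _ in range(n)]
    p_l = [p[:] for p in pos]                 # each particle's historical best
    p_l_err = [error(p) for p in pos]
    g = min(range(n), key=p_l_err.__getitem__)
    p_g, p_g_err = p_l[g][:], p_l_err[g]      # best over all particles
    for _ in range(max_iter):                 # iteration limit (S35 / S311)
        if p_g_err <= eps:                    # tolerance test (S33 / S39)
            break
        target = influence_weighted_best(p_l, p_l_err, a) if weighted else p_g
        for i in range(n):
            for d in range(dim):
                g1, g2 = rng.random(), rng.random()   # uniform in [0, 1)
                vel[i][d] = (omega * vel[i][d]
                             + c1 * g1 * (p_l[i][d] - pos[i][d])
                             + c2 * g2 * (target[d] - pos[i][d]))
                pos[i][d] = max(0.0, pos[i][d] + vel[i][d])  # keep t_h >= 0
            e = error(pos[i])
            if e < p_l_err[i]:
                p_l[i], p_l_err[i] = pos[i][:], e
                if e < p_g_err:
                    p_g, p_g_err = pos[i][:], e
    return p_g, p_g_err
```

Calling `pso_adjust(confidence_error, 3, 1e-6, 200)` runs the standard variant; passing `weighted=True` switches the swarm target to the influence-weighted blend.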
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410806370.4A CN104539601B (en) | 2014-12-19 | 2014-12-19 | Dynamic network attack process analysis method for reliability and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104539601A true CN104539601A (en) | 2015-04-22 |
CN104539601B CN104539601B (en) | 2017-01-04 |
Family
ID=52855070
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410806370.4A Expired - Fee Related CN104539601B (en) | 2014-12-19 | 2014-12-19 | Dynamic network attack process analysis method for reliability and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104539601B (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106453217A (en) * | 2016-04-13 | 2017-02-22 | 河南理工大学 | Network attack path behavior prediction method based on path revenue calculation |
CN106534195A (en) * | 2016-12-19 | 2017-03-22 | 杭州信雅达数码科技有限公司 | Network attacker behavior analyzing method based on attack graph |
CN110784483A (en) * | 2019-11-04 | 2020-02-11 | 北京航空航天大学 | DGA abnormal domain name-based event detection system and method |
CN112019526A (en) * | 2020-08-11 | 2020-12-01 | 北京航空航天大学 | Expected track signal attack detection method based on multi-feature fusion |
CN112039864A (en) * | 2020-08-25 | 2020-12-04 | 华北电力大学 | Method for analyzing cross-layer security risk of electric power CPS |
CN114726601A (en) * | 2022-03-28 | 2022-07-08 | 北京计算机技术及应用研究所 | Graph structure-based information security simulation modeling and verification evaluation method |
CN115348070A (en) * | 2022-08-10 | 2022-11-15 | 中国电信股份有限公司 | Data packet processing method and device, electronic equipment and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060242002A1 (en) * | 2005-04-26 | 2006-10-26 | Xerox Corporation | Validation and analysis of JDF workflows using colored Petri nets |
CN102413003A (en) * | 2010-09-20 | 2012-04-11 | 中国科学院计算技术研究所 | Method and system for detecting network security |
CN102638458A (en) * | 2012-03-23 | 2012-08-15 | 中国科学院软件研究所 | Method for identifying vulnerability utilization safety threat and determining associated attack path |
Non-Patent Citations (1)
Title |
---|
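Wang Yuanzhuo et al.: "Quantitative analysis method for network attack and defense based on a stochastic game model", Chinese Journal of Computers (《计算机学报》) * |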
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106453217A (en) * | 2016-04-13 | 2017-02-22 | 河南理工大学 | Network attack path behavior prediction method based on path revenue calculation |
CN106453217B (en) * | 2016-04-13 | 2019-10-25 | 河南理工大学 | A kind of prediction technique of the network attack path behavior based on path income calculation |
CN106534195A (en) * | 2016-12-19 | 2017-03-22 | 杭州信雅达数码科技有限公司 | Network attacker behavior analyzing method based on attack graph |
CN106534195B (en) * | 2016-12-19 | 2019-10-08 | 杭州信雅达数码科技有限公司 | A kind of network attack person's behavior analysis method based on attack graph |
CN110784483A (en) * | 2019-11-04 | 2020-02-11 | 北京航空航天大学 | DGA abnormal domain name-based event detection system and method |
CN110784483B (en) * | 2019-11-04 | 2020-11-27 | 北京航空航天大学 | DGA abnormal domain name-based event detection system and method |
CN112019526A (en) * | 2020-08-11 | 2020-12-01 | 北京航空航天大学 | Expected track signal attack detection method based on multi-feature fusion |
CN112019526B (en) * | 2020-08-11 | 2021-08-13 | 北京航空航天大学 | Expected track signal attack detection method based on multi-feature fusion |
CN112039864A (en) * | 2020-08-25 | 2020-12-04 | 华北电力大学 | Method for analyzing cross-layer security risk of electric power CPS |
CN114726601A (en) * | 2022-03-28 | 2022-07-08 | 北京计算机技术及应用研究所 | Graph structure-based information security simulation modeling and verification evaluation method |
CN114726601B (en) * | 2022-03-28 | 2023-06-02 | 北京计算机技术及应用研究所 | Information security simulation modeling and verification evaluation method based on graph structure |
CN115348070A (en) * | 2022-08-10 | 2022-11-15 | 中国电信股份有限公司 | Data packet processing method and device, electronic equipment and storage medium |
CN115348070B (en) * | 2022-08-10 | 2024-01-30 | 中国电信股份有限公司 | Data packet processing method and device, electronic equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN104539601B (en) | 2017-01-04 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20170104 Termination date: 20171219 |