CN107395598A - A kind of adaptive defense method for suppressing viral transmission - Google Patents

A kind of adaptive defense method for suppressing viral transmission Download PDF

Info

Publication number
CN107395598A
CN107395598A CN201710611414.1A CN201710611414A CN107395598A CN 107395598 A CN107395598 A CN 107395598A CN 201710611414 A CN201710611414 A CN 201710611414A CN 107395598 A CN107395598 A CN 107395598A
Authority
CN
China
Prior art keywords
node
state
probability
safe state
infected
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710611414.1A
Other languages
Chinese (zh)
Other versions
CN107395598B (en
Inventor
罗文俊
李龙起
祝清意
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing University of Post and Telecommunications
Original Assignee
Chongqing University of Post and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing University of Post and Telecommunications filed Critical Chongqing University of Post and Telecommunications
Priority to CN201710611414.1A priority Critical patent/CN107395598B/en
Publication of CN107395598A publication Critical patent/CN107395598A/en
Application granted granted Critical
Publication of CN107395598B publication Critical patent/CN107395598B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention relates to a kind of adaptive defense method for suppressing viral transmission, belong to technical field of network security.This method comprises the following steps:S1:Initialize network system;S2:Virus infection;S3:Node state detection process;S4:Adaptive defense process;S5:Analyzing influences the factor of viral transmission in network system.The present invention determines whether the other computer of low level security upgrades to high safety rank with certain probability by setting the threshold value of viral load.The present invention can efficiently reduce the quantity of network system inner virus, suppress the propagation of virus.

Description

A kind of adaptive defense method for suppressing viral transmission
Technical field
The invention belongs to technical field of network security, and in particular to a kind of adaptive defense method for suppressing viral transmission.
Background technology
With the fast development of information and communication science and technology, internet has become the necessity in our daily lifes. The features such as its possessed opening, interactivity and dispersiveness, meet the shared, open, flexible and quick of people well Etc. demand.However, just because of these characteristics of internet, many network security problems are also inevitably generated, these Problem has had a strong impact on our life, even personal safety.Currently, electronic commerce times are already arrived, and are interconnected enjoying While these facilities that guipure comes, network security is also into our most concerned problems.It will be apparent that how control computer is sick The propagation of poison is a particularly significant and significant problem.
At present, antivirus software is still generally acknowledged control computer viral transmission most efficient method.But due to it certainly The limitation of body, in particular for the appearance of new virus, the antivirus software of redaction always just can be developed and answered afterwards With this explanation antivirus software has time-lag effect in terms of viral transmission is suppressed.Use for reference the idea about modeling of biological virus, scholar Propose many Computer Virus Spread dynamic models, its as it is a kind of from macroscopic aspect study viral transmission behavior weight Method is wanted, compensate for the deficiency of antivirus software well.
But in the viral transmission model proposed before, computer security defence capability is not all accounted for virus The influence of propagation.It is well known that because different property and purposes, computer are deposited in Prevention-Security ability in network system In otherness, and this otherness directly affects the propagation rate of virus in systems.Therefore, epidemiological dynamics is utilized Model to study influence of the computer security defence capability to viral transmission, and the theoretical direction for providing suppression viral transmission is one Item significantly works.
The content of the invention
In view of this, it is an object of the invention to provide a kind of adaptive defense method for suppressing viral transmission, for existing Some viral transmission models do not account for the problem of computer security defence capability influences on viral transmission, there is provided based on calculating The adaptive defense method that can suppress viral transmission of machine Prevention-Security ability rating.
To reach above-mentioned purpose, the present invention provides following technical scheme:
A kind of adaptive defense method for suppressing viral transmission, comprises the following steps:
S1:Initialize network system:Node state in network system is arranged to the safe state S of low levelLIt is or high-level Safe state SHOr state I is infected;Wherein, the safe state S of low levelLWith high-level safe state SHNode can be with different probability It is infected;Adjacent node can be infected by having infected state inode, and is cured with certain probability γ;Parameters are set, Enter the probability b, high-level safe state S of system including outer computerHNode is the safe state S of low levelLThe probability of node δ, the probability μ that each node removes from system;
S2:Virus infection:Each state inode has been infected respectively with β1、β2Probability infect low level safety adjacent thereto State SLNode and high-level safe state SHNode;
S3:Node state detection process:Detect whether each node is transformed into by the infection of virus and has infected state inode, And count its quantity;
S4:Adaptive defense process:If the quantity for having infected state inode is less than the threshold value of setting, upgrading is not taken to arrange Apply;If the quantity for having infected state inode is more than threshold value, make the safe state S of low level in systemLNode upgrades to height with certain probability Level security state SHNode, and the increase of the quantity with infection inode, upgrading probability is bigger, if upgrading probability and inode Quantity is linearly proportional, proportionality coefficient α;
S5:Analyzing influences the factor of viral transmission in network system.
Further, in step s 2, the safe state S of low levelLThe probability that node is infected with the virus is higher than high-level safety State SHNode, i.e. β12
Further, the step S3 and the step S4 are carried out simultaneously;In step s 4, the threshold value of viral load is provided ImaxWith the nonlinear function f (I) on I, when viral load is less than I in systemmaxWhen, f (I) is 0;When viral load in system More than or equal to ImaxWhen, f (I) is α I.
Further, the step S5 is specially:As b, β1、β2Increase, the increase of system inner virus quantity, viral transmission are accelerated; When α, γ increase, δ reduce, system inner virus quantity reduces, and viral transmission is suppressed.
The beneficial effects of the present invention are:The present invention does not account for computer security for existing viral transmission model Influence of the defence capability to viral transmission, otherness of this method based on Prevention-Security ability between computer, by computer Prevention-Security ability system is divided into two kinds:Low level and high-level.On this basis, determined by setting the threshold value of viral load Whether the other computer of low level security with certain probability upgrades to high safety rank.The present invention can efficiently reduce network system The quantity of inner virus, suppress the propagation of virus.
Brief description of the drawings
In order that the purpose of the present invention, technical scheme and beneficial effect are clearer, the present invention provides drawings described below and carried out Explanation:
Fig. 1 is flow chart of the present invention;
Fig. 2 is viral transmission model state transition diagram;
Fig. 3 is adaptive defense process flow diagram flow chart;
Fig. 4 is simulation analysis (1);
Fig. 5 is simulation analysis (2).
Embodiment
Below in conjunction with accompanying drawing, the preferred embodiments of the present invention are described in detail.
As Figure 1-3, a kind of adaptive defense method for suppressing viral transmission disclosed by the invention, including following step Suddenly:
S1:Initialize network system:Node state in network system is arranged to the safe state S of low levelLIt is or high-level Safe state SHOr state I is infected;Wherein, the safe state S of low levelLWith high-level safe state SHNode can be with different probability It is infected;Adjacent node can be infected by having infected state inode, and is cured with certain probability γ;Parameters are set, Enter the probability b, high-level safe state S of system including outer computerHNode is the safe state S of low levelLThe probability of node δ, the safe state S of low levelLNode upgrades to high-level safe state SHThe probability α of node, the probability that each node removes from system μ;
S2:Virus infection:Each state inode has been infected respectively with β1、β2Probability infect low level safety adjacent thereto State SLNode and high-level safe state SHNode;
S3:Node state detection process:Detect whether each node is transformed into by the infection of virus and has infected state inode, And count its quantity;
S4:Adaptive defense process:If the quantity for having infected state inode is less than the threshold value of setting, upgrading is not taken to arrange Apply;If the quantity for having infected state inode is more than threshold value, make the safe state S of low level in systemLNode upgrades to height with certain probability Level security state SHNode;
S5:Analyzing influences the factor of viral transmission in network system.
In step s 2, the safe state S of low levelLThe probability that node is infected with the virus is higher than high-level safe state SHNode, That is β12
The step S3 and the step S4 are carried out simultaneously;In step s 4, the threshold value I of viral load is providedmaxWith on I nonlinear function f (I), when viral load is less than I in systemmaxWhen, f (I) is 0;When viral load is more than or waited in system In ImaxWhen, f (I) is α I.
The step S5 is specially:As b, β1、β2Increase, the increase of system inner virus quantity, viral transmission are accelerated;As α, γ Increase, δ reduce, and system inner virus quantity reduces, and viral transmission is suppressed.
F (I) expression formula is:
The step S5 is specially:As b, β1、β2Increase, the increase of system inner virus quantity, viral transmission are accelerated;As α, γ Increase, δ reduce, and system inner virus quantity reduces, and viral transmission is suppressed.In addition, the mathematical expression of model proposed by the invention Formula is as follows:
Wherein, SL、SHRepresent the number of computers of current time respective bin, basic reproduction number respectively with I
Make SL+SH+ I=N*, above formula can be simplified to following expression:
As 0≤I<ImaxWhen, it can obtain:
System is finally stable in poisonous equalization pointWherein
Work as ImaxDuring≤I, it can obtain:
System is finally stable in poisonous equalization pointAnd poisonous equalization pointCompared to poisonous balance PointViral load have obvious reduction.
We will choose suitable parameter below, and such result is proved by emulation experiment.
(1) parameter b=0.1, δ=0.01, β 1=0.3, β 2=0.1, μ=0.1, γ=0.1, I are mademax=0.4.
As shown in figure 4, I in this case<Imax, it can be seen that system is finally stable in poisonous equalization point
(2) parameter b=0.1, α=0.5, δ=0.01, β 1=0.3, β 2=0.1, μ=0.1, γ=0.1, I are mademax= 0.1。
As shown in figure 5, I in this casemax<I, it can be seen that system is finally stable in poisonous equalization point
From the point of view of the comparing result of both the above emulation experiment, viral load has significantly after upgrading measure is implemented Reduce, it is sufficient to illustrate that a kind of adaptive defense method for suppressing viral transmission proposed by the present invention can efficiently control virus and exist Propagation in network system.
Finally illustrate, preferred embodiment above is merely illustrative of the technical solution of the present invention and unrestricted, although logical Cross above preferred embodiment the present invention is described in detail, it is to be understood by those skilled in the art that can be Various changes are made to it in form and in details, without departing from claims of the present invention limited range.

Claims (4)

  1. A kind of 1. adaptive defense method for suppressing viral transmission, it is characterised in that:This method comprises the following steps:
    S1:Initialize network system:Node state in network system is arranged to the safe state S of low levelLOr high-level safe state SHOr state I is infected;Wherein, the safe state S of low levelLWith high-level safe state SHNode can be viral with different probability Infection;Adjacent node can be infected by having infected state inode, and is cured with certain probability γ;Parameters are set, including it is outer Portion's computer enters the probability b, high-level safe state S of systemHNode is the safe state S of low levelLThe probability δ of node, each The probability μ that node removes from system;
    S2:Virus infection:Each state inode has been infected respectively with β1、β2Probability infect the safe state S of low level adjacent theretoL Node and high-level safe state SHNode;
    S3:Node state detection process:Detect whether each node is transformed into by the infection of virus and has infected state inode, and unite Count its quantity;
    S4:Adaptive defense process:If the quantity for having infected state inode is less than the threshold value of setting, upgrading measure is not taken;If The quantity for having infected state inode is more than threshold value, makes the safe state S of low level in systemLNode is upgraded to high-level with certain probability Safe state SHNode, and the increase of the quantity with infection inode, upgrading probability is bigger, if the quantity of upgrading probability and inode It is linearly proportional, proportionality coefficient α;
    S5:Analyzing influences the factor of viral transmission in network system.
  2. A kind of 2. adaptive defense method for suppressing viral transmission as claimed in claim 1, it is characterised in that:In step S2 In, the safe state S of low levelLThe probability that node is infected with the virus is higher than high-level safe state SHNode, i.e. β12
  3. A kind of 3. adaptive defense method for suppressing viral transmission as claimed in claim 1, it is characterised in that:The step S3 Carried out simultaneously with the step S4;In step s 4, the threshold value I of viral load is providedmaxWith the nonlinear function f (I) on I, When viral load is less than I in systemmaxWhen, f (I) is 0;When viral load is more than or equal to I in systemmaxWhen, f (I) is α I.
  4. A kind of 4. adaptive defense method for suppressing viral transmission as claimed in claim 1, it is characterised in that:The step S5 Specially:As b, β1、β2Increase, the increase of system inner virus quantity, viral transmission are accelerated;When disease in α, γ increase, δ reductions, system Malicious quantity reduces, and viral transmission is suppressed.
CN201710611414.1A 2017-07-25 2017-07-25 Self-adaptive defense method for inhibiting virus propagation Active CN107395598B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710611414.1A CN107395598B (en) 2017-07-25 2017-07-25 Self-adaptive defense method for inhibiting virus propagation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710611414.1A CN107395598B (en) 2017-07-25 2017-07-25 Self-adaptive defense method for inhibiting virus propagation

Publications (2)

Publication Number Publication Date
CN107395598A true CN107395598A (en) 2017-11-24
CN107395598B CN107395598B (en) 2020-06-19

Family

ID=60336840

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710611414.1A Active CN107395598B (en) 2017-07-25 2017-07-25 Self-adaptive defense method for inhibiting virus propagation

Country Status (1)

Country Link
CN (1) CN107395598B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108121916A (en) * 2017-12-15 2018-06-05 重庆邮电大学 A kind of Computer Virus Spread defence method under multilevel security degree of protection
CN108833429A (en) * 2018-06-28 2018-11-16 广东电网有限责任公司 Obtain the method, apparatus and storage medium of powerline network virus immunity strategy
CN113032782A (en) * 2021-03-09 2021-06-25 中国人民解放军空军工程大学 Virus transmission inhibition method
CN113852607A (en) * 2021-09-01 2021-12-28 中国铁道科学研究院集团有限公司 Method and device for evaluating network security performance

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101304321A (en) * 2008-07-09 2008-11-12 南京邮电大学 Method for defending equity network virus based on trust
US8347394B1 (en) * 2009-07-15 2013-01-01 Trend Micro, Inc. Detection of downloaded malware using DNS information
CN105357200A (en) * 2015-11-09 2016-02-24 河海大学 Network virus transmission behavior modeling method
WO2016172514A1 (en) * 2015-04-24 2016-10-27 Siemens Aktiengesellschaft Improving control system resilience by highly coupling security functions with control
CN106599691A (en) * 2016-12-23 2017-04-26 贾志娟 Computer virus spreading source tracing method based on complex network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101304321A (en) * 2008-07-09 2008-11-12 南京邮电大学 Method for defending equity network virus based on trust
US8347394B1 (en) * 2009-07-15 2013-01-01 Trend Micro, Inc. Detection of downloaded malware using DNS information
WO2016172514A1 (en) * 2015-04-24 2016-10-27 Siemens Aktiengesellschaft Improving control system resilience by highly coupling security functions with control
CN105357200A (en) * 2015-11-09 2016-02-24 河海大学 Network virus transmission behavior modeling method
CN106599691A (en) * 2016-12-23 2017-04-26 贾志娟 Computer virus spreading source tracing method based on complex network

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
孟敬: "计算机病毒传播模型及其防御方法研究", 《软件导刊》 *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108121916A (en) * 2017-12-15 2018-06-05 重庆邮电大学 A kind of Computer Virus Spread defence method under multilevel security degree of protection
CN108121916B (en) * 2017-12-15 2021-07-20 重庆邮电大学 Computer virus propagation defense method under multi-level security protection level
CN108833429A (en) * 2018-06-28 2018-11-16 广东电网有限责任公司 Obtain the method, apparatus and storage medium of powerline network virus immunity strategy
CN113032782A (en) * 2021-03-09 2021-06-25 中国人民解放军空军工程大学 Virus transmission inhibition method
CN113852607A (en) * 2021-09-01 2021-12-28 中国铁道科学研究院集团有限公司 Method and device for evaluating network security performance
CN113852607B (en) * 2021-09-01 2023-06-13 中国铁道科学研究院集团有限公司 Method and device for evaluating network security performance

Also Published As

Publication number Publication date
CN107395598B (en) 2020-06-19

Similar Documents

Publication Publication Date Title
CN107395598A (en) A kind of adaptive defense method for suppressing viral transmission
US10685109B2 (en) Elimination of false positives in antivirus records
Piqueira et al. A modified epidemiological model for computer viruses
CN106936855B (en) Network security defense decision-making determination method and device based on attack and defense differential game
CN107566387B (en) Network defense action decision method based on attack and defense evolution game analysis
Elaiw et al. Stability of an adaptive immunity pathogen dynamics model with latency and multiple delays
Song et al. Influence of removable devices on computer worms: dynamic analysis and control strategies
CN103746987B (en) Method and system for detecting DoS attack in semantic Web application
CN110619548A (en) Method, device, equipment and storage medium for determining media content delivery strategy
CN104484616A (en) Method for protecting privacy under condition of MapReduce data processing frameworks
Sweilam et al. Fractional optimal control in transmission dynamics of West Nile virus model with state and control time delay: a numerical approach
CN106446020A (en) Browser built-in crawler system-based fingerprint identification realization method
US20160197943A1 (en) System and Method for Profiling System Attacker
CN108121916B (en) Computer virus propagation defense method under multi-level security protection level
Pal et al. On differentiating cyber-insurance contracts a topological perspective
CN116684152A (en) Active defense method, device and system for multiple aggressors
Yan et al. Characterizing the optimal attack strategy decision in cyber epidemic attacks with limited resources
Jin et al. Computer virus propagation model based on bounded rationality evolutionary game theory
Leelavimolsilp et al. Selfish mining in proof-of-work blockchain with multiple miners: An empirical evaluation
Xiao et al. SAIDR: A new dynamic model for SMS-based worm propagation in mobile networks
CN108667833B (en) Communication system malicious software propagation modeling and optimal control method based on coupling
CN113315763A (en) Network security defense method based on heterogeneous group evolution game
Jin et al. Analysis and control stratagems of flash disk virus dynamic propagation model
CN107248929B (en) Strong correlation data generation method of multi-dimensional correlation data
CN112995997B (en) Optimal control method for malicious program variation model of charging wireless sensor network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant