CN107395598A - A kind of adaptive defense method for suppressing viral transmission - Google Patents
A kind of adaptive defense method for suppressing viral transmission Download PDFInfo
- Publication number
- CN107395598A CN107395598A CN201710611414.1A CN201710611414A CN107395598A CN 107395598 A CN107395598 A CN 107395598A CN 201710611414 A CN201710611414 A CN 201710611414A CN 107395598 A CN107395598 A CN 107395598A
- Authority
- CN
- China
- Prior art keywords
- node
- state
- probability
- safe state
- infected
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to a kind of adaptive defense method for suppressing viral transmission, belong to technical field of network security.This method comprises the following steps:S1:Initialize network system;S2:Virus infection;S3:Node state detection process;S4:Adaptive defense process;S5:Analyzing influences the factor of viral transmission in network system.The present invention determines whether the other computer of low level security upgrades to high safety rank with certain probability by setting the threshold value of viral load.The present invention can efficiently reduce the quantity of network system inner virus, suppress the propagation of virus.
Description
Technical field
The invention belongs to technical field of network security, and in particular to a kind of adaptive defense method for suppressing viral transmission.
Background technology
With the fast development of information and communication science and technology, internet has become the necessity in our daily lifes.
The features such as its possessed opening, interactivity and dispersiveness, meet the shared, open, flexible and quick of people well
Etc. demand.However, just because of these characteristics of internet, many network security problems are also inevitably generated, these
Problem has had a strong impact on our life, even personal safety.Currently, electronic commerce times are already arrived, and are interconnected enjoying
While these facilities that guipure comes, network security is also into our most concerned problems.It will be apparent that how control computer is sick
The propagation of poison is a particularly significant and significant problem.
At present, antivirus software is still generally acknowledged control computer viral transmission most efficient method.But due to it certainly
The limitation of body, in particular for the appearance of new virus, the antivirus software of redaction always just can be developed and answered afterwards
With this explanation antivirus software has time-lag effect in terms of viral transmission is suppressed.Use for reference the idea about modeling of biological virus, scholar
Propose many Computer Virus Spread dynamic models, its as it is a kind of from macroscopic aspect study viral transmission behavior weight
Method is wanted, compensate for the deficiency of antivirus software well.
But in the viral transmission model proposed before, computer security defence capability is not all accounted for virus
The influence of propagation.It is well known that because different property and purposes, computer are deposited in Prevention-Security ability in network system
In otherness, and this otherness directly affects the propagation rate of virus in systems.Therefore, epidemiological dynamics is utilized
Model to study influence of the computer security defence capability to viral transmission, and the theoretical direction for providing suppression viral transmission is one
Item significantly works.
The content of the invention
In view of this, it is an object of the invention to provide a kind of adaptive defense method for suppressing viral transmission, for existing
Some viral transmission models do not account for the problem of computer security defence capability influences on viral transmission, there is provided based on calculating
The adaptive defense method that can suppress viral transmission of machine Prevention-Security ability rating.
To reach above-mentioned purpose, the present invention provides following technical scheme:
A kind of adaptive defense method for suppressing viral transmission, comprises the following steps:
S1:Initialize network system:Node state in network system is arranged to the safe state S of low levelLIt is or high-level
Safe state SHOr state I is infected;Wherein, the safe state S of low levelLWith high-level safe state SHNode can be with different probability
It is infected;Adjacent node can be infected by having infected state inode, and is cured with certain probability γ;Parameters are set,
Enter the probability b, high-level safe state S of system including outer computerHNode is the safe state S of low levelLThe probability of node
δ, the probability μ that each node removes from system;
S2:Virus infection:Each state inode has been infected respectively with β1、β2Probability infect low level safety adjacent thereto
State SLNode and high-level safe state SHNode;
S3:Node state detection process:Detect whether each node is transformed into by the infection of virus and has infected state inode,
And count its quantity;
S4:Adaptive defense process:If the quantity for having infected state inode is less than the threshold value of setting, upgrading is not taken to arrange
Apply;If the quantity for having infected state inode is more than threshold value, make the safe state S of low level in systemLNode upgrades to height with certain probability
Level security state SHNode, and the increase of the quantity with infection inode, upgrading probability is bigger, if upgrading probability and inode
Quantity is linearly proportional, proportionality coefficient α;
S5:Analyzing influences the factor of viral transmission in network system.
Further, in step s 2, the safe state S of low levelLThe probability that node is infected with the virus is higher than high-level safety
State SHNode, i.e. β1>β2。
Further, the step S3 and the step S4 are carried out simultaneously;In step s 4, the threshold value of viral load is provided
ImaxWith the nonlinear function f (I) on I, when viral load is less than I in systemmaxWhen, f (I) is 0;When viral load in system
More than or equal to ImaxWhen, f (I) is α I.
Further, the step S5 is specially:As b, β1、β2Increase, the increase of system inner virus quantity, viral transmission are accelerated;
When α, γ increase, δ reduce, system inner virus quantity reduces, and viral transmission is suppressed.
The beneficial effects of the present invention are:The present invention does not account for computer security for existing viral transmission model
Influence of the defence capability to viral transmission, otherness of this method based on Prevention-Security ability between computer, by computer
Prevention-Security ability system is divided into two kinds:Low level and high-level.On this basis, determined by setting the threshold value of viral load
Whether the other computer of low level security with certain probability upgrades to high safety rank.The present invention can efficiently reduce network system
The quantity of inner virus, suppress the propagation of virus.
Brief description of the drawings
In order that the purpose of the present invention, technical scheme and beneficial effect are clearer, the present invention provides drawings described below and carried out
Explanation:
Fig. 1 is flow chart of the present invention;
Fig. 2 is viral transmission model state transition diagram;
Fig. 3 is adaptive defense process flow diagram flow chart;
Fig. 4 is simulation analysis (1);
Fig. 5 is simulation analysis (2).
Embodiment
Below in conjunction with accompanying drawing, the preferred embodiments of the present invention are described in detail.
As Figure 1-3, a kind of adaptive defense method for suppressing viral transmission disclosed by the invention, including following step
Suddenly:
S1:Initialize network system:Node state in network system is arranged to the safe state S of low levelLIt is or high-level
Safe state SHOr state I is infected;Wherein, the safe state S of low levelLWith high-level safe state SHNode can be with different probability
It is infected;Adjacent node can be infected by having infected state inode, and is cured with certain probability γ;Parameters are set,
Enter the probability b, high-level safe state S of system including outer computerHNode is the safe state S of low levelLThe probability of node
δ, the safe state S of low levelLNode upgrades to high-level safe state SHThe probability α of node, the probability that each node removes from system
μ;
S2:Virus infection:Each state inode has been infected respectively with β1、β2Probability infect low level safety adjacent thereto
State SLNode and high-level safe state SHNode;
S3:Node state detection process:Detect whether each node is transformed into by the infection of virus and has infected state inode,
And count its quantity;
S4:Adaptive defense process:If the quantity for having infected state inode is less than the threshold value of setting, upgrading is not taken to arrange
Apply;If the quantity for having infected state inode is more than threshold value, make the safe state S of low level in systemLNode upgrades to height with certain probability
Level security state SHNode;
S5:Analyzing influences the factor of viral transmission in network system.
In step s 2, the safe state S of low levelLThe probability that node is infected with the virus is higher than high-level safe state SHNode,
That is β1>β2。
The step S3 and the step S4 are carried out simultaneously;In step s 4, the threshold value I of viral load is providedmaxWith on
I nonlinear function f (I), when viral load is less than I in systemmaxWhen, f (I) is 0;When viral load is more than or waited in system
In ImaxWhen, f (I) is α I.
The step S5 is specially:As b, β1、β2Increase, the increase of system inner virus quantity, viral transmission are accelerated;As α, γ
Increase, δ reduce, and system inner virus quantity reduces, and viral transmission is suppressed.
F (I) expression formula is:
The step S5 is specially:As b, β1、β2Increase, the increase of system inner virus quantity, viral transmission are accelerated;As α, γ
Increase, δ reduce, and system inner virus quantity reduces, and viral transmission is suppressed.In addition, the mathematical expression of model proposed by the invention
Formula is as follows:
Wherein, SL、SHRepresent the number of computers of current time respective bin, basic reproduction number respectively with I
Make SL+SH+ I=N*, above formula can be simplified to following expression:
As 0≤I<ImaxWhen, it can obtain:
System is finally stable in poisonous equalization pointWherein
Work as ImaxDuring≤I, it can obtain:
System is finally stable in poisonous equalization pointAnd poisonous equalization pointCompared to poisonous balance
PointViral load have obvious reduction.
We will choose suitable parameter below, and such result is proved by emulation experiment.
(1) parameter b=0.1, δ=0.01, β 1=0.3, β 2=0.1, μ=0.1, γ=0.1, I are mademax=0.4.
As shown in figure 4, I in this case<Imax, it can be seen that system is finally stable in poisonous equalization point
(2) parameter b=0.1, α=0.5, δ=0.01, β 1=0.3, β 2=0.1, μ=0.1, γ=0.1, I are mademax=
0.1。
As shown in figure 5, I in this casemax<I, it can be seen that system is finally stable in poisonous equalization point
From the point of view of the comparing result of both the above emulation experiment, viral load has significantly after upgrading measure is implemented
Reduce, it is sufficient to illustrate that a kind of adaptive defense method for suppressing viral transmission proposed by the present invention can efficiently control virus and exist
Propagation in network system.
Finally illustrate, preferred embodiment above is merely illustrative of the technical solution of the present invention and unrestricted, although logical
Cross above preferred embodiment the present invention is described in detail, it is to be understood by those skilled in the art that can be
Various changes are made to it in form and in details, without departing from claims of the present invention limited range.
Claims (4)
- A kind of 1. adaptive defense method for suppressing viral transmission, it is characterised in that:This method comprises the following steps:S1:Initialize network system:Node state in network system is arranged to the safe state S of low levelLOr high-level safe state SHOr state I is infected;Wherein, the safe state S of low levelLWith high-level safe state SHNode can be viral with different probability Infection;Adjacent node can be infected by having infected state inode, and is cured with certain probability γ;Parameters are set, including it is outer Portion's computer enters the probability b, high-level safe state S of systemHNode is the safe state S of low levelLThe probability δ of node, each The probability μ that node removes from system;S2:Virus infection:Each state inode has been infected respectively with β1、β2Probability infect the safe state S of low level adjacent theretoL Node and high-level safe state SHNode;S3:Node state detection process:Detect whether each node is transformed into by the infection of virus and has infected state inode, and unite Count its quantity;S4:Adaptive defense process:If the quantity for having infected state inode is less than the threshold value of setting, upgrading measure is not taken;If The quantity for having infected state inode is more than threshold value, makes the safe state S of low level in systemLNode is upgraded to high-level with certain probability Safe state SHNode, and the increase of the quantity with infection inode, upgrading probability is bigger, if the quantity of upgrading probability and inode It is linearly proportional, proportionality coefficient α;S5:Analyzing influences the factor of viral transmission in network system.
- A kind of 2. adaptive defense method for suppressing viral transmission as claimed in claim 1, it is characterised in that:In step S2 In, the safe state S of low levelLThe probability that node is infected with the virus is higher than high-level safe state SHNode, i.e. β1>β2。
- A kind of 3. adaptive defense method for suppressing viral transmission as claimed in claim 1, it is characterised in that:The step S3 Carried out simultaneously with the step S4;In step s 4, the threshold value I of viral load is providedmaxWith the nonlinear function f (I) on I, When viral load is less than I in systemmaxWhen, f (I) is 0;When viral load is more than or equal to I in systemmaxWhen, f (I) is α I.
- A kind of 4. adaptive defense method for suppressing viral transmission as claimed in claim 1, it is characterised in that:The step S5 Specially:As b, β1、β2Increase, the increase of system inner virus quantity, viral transmission are accelerated;When disease in α, γ increase, δ reductions, system Malicious quantity reduces, and viral transmission is suppressed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710611414.1A CN107395598B (en) | 2017-07-25 | 2017-07-25 | Self-adaptive defense method for inhibiting virus propagation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710611414.1A CN107395598B (en) | 2017-07-25 | 2017-07-25 | Self-adaptive defense method for inhibiting virus propagation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107395598A true CN107395598A (en) | 2017-11-24 |
CN107395598B CN107395598B (en) | 2020-06-19 |
Family
ID=60336840
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710611414.1A Active CN107395598B (en) | 2017-07-25 | 2017-07-25 | Self-adaptive defense method for inhibiting virus propagation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107395598B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108121916A (en) * | 2017-12-15 | 2018-06-05 | 重庆邮电大学 | A kind of Computer Virus Spread defence method under multilevel security degree of protection |
CN108833429A (en) * | 2018-06-28 | 2018-11-16 | 广东电网有限责任公司 | Obtain the method, apparatus and storage medium of powerline network virus immunity strategy |
CN113032782A (en) * | 2021-03-09 | 2021-06-25 | 中国人民解放军空军工程大学 | Virus transmission inhibition method |
CN113852607A (en) * | 2021-09-01 | 2021-12-28 | 中国铁道科学研究院集团有限公司 | Method and device for evaluating network security performance |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101304321A (en) * | 2008-07-09 | 2008-11-12 | 南京邮电大学 | Method for defending equity network virus based on trust |
US8347394B1 (en) * | 2009-07-15 | 2013-01-01 | Trend Micro, Inc. | Detection of downloaded malware using DNS information |
CN105357200A (en) * | 2015-11-09 | 2016-02-24 | 河海大学 | Network virus transmission behavior modeling method |
WO2016172514A1 (en) * | 2015-04-24 | 2016-10-27 | Siemens Aktiengesellschaft | Improving control system resilience by highly coupling security functions with control |
CN106599691A (en) * | 2016-12-23 | 2017-04-26 | 贾志娟 | Computer virus spreading source tracing method based on complex network |
-
2017
- 2017-07-25 CN CN201710611414.1A patent/CN107395598B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101304321A (en) * | 2008-07-09 | 2008-11-12 | 南京邮电大学 | Method for defending equity network virus based on trust |
US8347394B1 (en) * | 2009-07-15 | 2013-01-01 | Trend Micro, Inc. | Detection of downloaded malware using DNS information |
WO2016172514A1 (en) * | 2015-04-24 | 2016-10-27 | Siemens Aktiengesellschaft | Improving control system resilience by highly coupling security functions with control |
CN105357200A (en) * | 2015-11-09 | 2016-02-24 | 河海大学 | Network virus transmission behavior modeling method |
CN106599691A (en) * | 2016-12-23 | 2017-04-26 | 贾志娟 | Computer virus spreading source tracing method based on complex network |
Non-Patent Citations (1)
Title |
---|
孟敬: "计算机病毒传播模型及其防御方法研究", 《软件导刊》 * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108121916A (en) * | 2017-12-15 | 2018-06-05 | 重庆邮电大学 | A kind of Computer Virus Spread defence method under multilevel security degree of protection |
CN108121916B (en) * | 2017-12-15 | 2021-07-20 | 重庆邮电大学 | Computer virus propagation defense method under multi-level security protection level |
CN108833429A (en) * | 2018-06-28 | 2018-11-16 | 广东电网有限责任公司 | Obtain the method, apparatus and storage medium of powerline network virus immunity strategy |
CN113032782A (en) * | 2021-03-09 | 2021-06-25 | 中国人民解放军空军工程大学 | Virus transmission inhibition method |
CN113852607A (en) * | 2021-09-01 | 2021-12-28 | 中国铁道科学研究院集团有限公司 | Method and device for evaluating network security performance |
CN113852607B (en) * | 2021-09-01 | 2023-06-13 | 中国铁道科学研究院集团有限公司 | Method and device for evaluating network security performance |
Also Published As
Publication number | Publication date |
---|---|
CN107395598B (en) | 2020-06-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107395598A (en) | A kind of adaptive defense method for suppressing viral transmission | |
US10685109B2 (en) | Elimination of false positives in antivirus records | |
Piqueira et al. | A modified epidemiological model for computer viruses | |
CN106936855B (en) | Network security defense decision-making determination method and device based on attack and defense differential game | |
CN107566387B (en) | Network defense action decision method based on attack and defense evolution game analysis | |
Elaiw et al. | Stability of an adaptive immunity pathogen dynamics model with latency and multiple delays | |
Song et al. | Influence of removable devices on computer worms: dynamic analysis and control strategies | |
CN103746987B (en) | Method and system for detecting DoS attack in semantic Web application | |
CN110619548A (en) | Method, device, equipment and storage medium for determining media content delivery strategy | |
CN104484616A (en) | Method for protecting privacy under condition of MapReduce data processing frameworks | |
Sweilam et al. | Fractional optimal control in transmission dynamics of West Nile virus model with state and control time delay: a numerical approach | |
CN106446020A (en) | Browser built-in crawler system-based fingerprint identification realization method | |
US20160197943A1 (en) | System and Method for Profiling System Attacker | |
CN108121916B (en) | Computer virus propagation defense method under multi-level security protection level | |
Pal et al. | On differentiating cyber-insurance contracts a topological perspective | |
CN116684152A (en) | Active defense method, device and system for multiple aggressors | |
Yan et al. | Characterizing the optimal attack strategy decision in cyber epidemic attacks with limited resources | |
Jin et al. | Computer virus propagation model based on bounded rationality evolutionary game theory | |
Leelavimolsilp et al. | Selfish mining in proof-of-work blockchain with multiple miners: An empirical evaluation | |
Xiao et al. | SAIDR: A new dynamic model for SMS-based worm propagation in mobile networks | |
CN108667833B (en) | Communication system malicious software propagation modeling and optimal control method based on coupling | |
CN113315763A (en) | Network security defense method based on heterogeneous group evolution game | |
Jin et al. | Analysis and control stratagems of flash disk virus dynamic propagation model | |
CN107248929B (en) | Strong correlation data generation method of multi-dimensional correlation data | |
CN112995997B (en) | Optimal control method for malicious program variation model of charging wireless sensor network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |