CN109547431A - A kind of network security situation evaluating method based on CS and improved BP - Google Patents

A kind of network security situation evaluating method based on CS and improved BP Download PDF

Info

Publication number
CN109547431A
CN109547431A CN201811376507.1A CN201811376507A CN109547431A CN 109547431 A CN109547431 A CN 109547431A CN 201811376507 A CN201811376507 A CN 201811376507A CN 109547431 A CN109547431 A CN 109547431A
Authority
CN
China
Prior art keywords
network
situation
cuckoo
neural network
output
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811376507.1A
Other languages
Chinese (zh)
Inventor
李文萃
郭少勇
王世文
刘岩
杨润华
喻鹏
徐思雅
安致嫄
吴利杰
丁铖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
Beijing University of Posts and Telecommunications
Information and Telecommunication Branch of State Grid Henan Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
Beijing University of Posts and Telecommunications
Information and Telecommunication Branch of State Grid Henan Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, Beijing University of Posts and Telecommunications, Information and Telecommunication Branch of State Grid Henan Electric Power Co Ltd filed Critical State Grid Corp of China SGCC
Priority to CN201811376507.1A priority Critical patent/CN109547431A/en
Publication of CN109547431A publication Critical patent/CN109547431A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/004Artificial life, i.e. computing arrangements simulating life
    • G06N3/006Artificial life, i.e. computing arrangements simulating life based on simulated virtual individual or collective life forms, e.g. social simulations or particle swarm optimisation [PSO]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/044Recurrent networks, e.g. Hopfield networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • G06N3/084Backpropagation, e.g. using gradient descent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/142Network analysis or design using statistical or mathematical methods
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network

Abstract

A kind of network security situation evaluating method based on CS and improved BP of the invention, including four steps: S1, obtain network safety situation element, composing training sample set and test sample collection, determine BP neural network structure S2, optimal initial weight and threshold value S3 are found using cuckoo search (CS) algorithm, introduce factor of momentum and steepness factor improved BP S4, improved BP neural network is trained, trained network is finally used for networks security situation assessment, obtains final situation value and security level.The present invention realizes that network safety situation is accurately quantitatively evaluated using improved BP, reduces the subjective impact of expert view in Traditional measurements method, objective to be comprehensively reflected network security integral status;It is made improvements in conjunction with cuckoo searching algorithm, introducing factor of momentum and steepness factor, accelerates convergence rate, reduce space-time expense, improve the accuracy and practicability of networks security situation assessment.

Description

A kind of network security situation evaluating method based on CS and improved BP
Technical field
The present invention relates to technical field of network security, more particularly to a kind of network based on CS and improved BP Safety situation evaluation method.
Background technique
With the rapid development of Internet technology, network size is also gradually increased and is complicated, and institute is polynary by attacking Change, security incident jumps up, safety problem become to become increasingly conspicuous with urgently.Networks security situation assessment is answered in this context It transports and gives birth to, be increasingly becoming the research emphasis of next generation network security and guard technology, networks security situation assessment refers to pacifies in converged network On the basis of the element information of total correlation, comprehensive analysis and reality are carried out using global safety situation of the assessment algorithm to network system When assess, thus help administrative staff hold overall network safe condition, for network security management command, decision finger is provided It leads, risk and loss is preferably minimized limit.
Currently, networks security situation assessment both domestic and external is broadly divided into 3 classes: (1) representative based on the method for mathematical model Method has based on analytic hierarchy process (AHP), the side from deviation method, Field Using Fuzzy Comprehensive Assessment, Set Pair Analysis Method etc. (2) knowledge-based inference Method, exemplary process have based on the side of bayesian algorithm, DS evidence theory, graph model, Markov etc. (3) based on pattern-recognition Method, exemplary process have based on support vector machines, artificial neural network, rough set theory, grey correlation etc..
First two method is using more, but there have that subjective dependence is strong, priori knowledge obtains difficult, improper dynamic to be multiple The disadvantages of miscellaneous network environment, in comparison, the appraisal procedure based on pattern-recognition, have higher accuracy and objectivity, more Adapt to the network environment of Dynamic Uncertain, BP neural network is a kind of Multi-layered Feedforward Networks, because its powerful self-learning capability, The preferable many merits such as generalization ability and fault-tolerant ability are widely used in Situation Assessment field, but in terms of application effect, mesh Preceding there is also following deficiencies: (1) assessment data source is single, causes assessment result there are one-sidedness, confidence level is lower.(2) space-time Expense is larger, is unsatisfactory for the requirement of real-time and the traditional BP neural network of assessment result inaccurate (3) has easily formation part The disadvantages of minimum, easy generation is shaken, convergence rate is slow.
Summary of the invention
For above situation, for the defect for overcoming the prior art, purpose of the present invention is to provide one kind based on CS and to change Into the network security situation evaluating method of BP neural network, comprehensive comprehensive network safety situation factor, by autonomous learning, repeatedly The mode that generation updates carries out accurately Situation Assessment, while having the faster speed of service, improves networks security situation assessment Accuracy and assessment efficiency, to really reflect network security integral status.
Its technical solution solved is, including following four step,
S1, network safety situation element, composing training sample set and test sample collection are obtained, determines BP neural network knot Structure;
S2, optimal initial weight and threshold value are found using cuckoo search (CS) algorithm;
S3, factor of momentum and steepness factor improved BP are introduced;
S4, improved BP neural network is trained, and trained network is used for networks security situation assessment, Obtain final situation value and security level.
A kind of network security situation evaluating method based on CS and improved BP as described in claim 1, It is characterized in that, network safety situation element is obtained in the step S1, and composing training sample set and test sample collection are to system Situation factor data including configuration information, system operation information and network traffic information carries out standardization processing, obtains format Unified situation achievement data, composing training sample set and test sample collection;
BP neural network structure is determined in the step S1, it is assumed that there is N number of signal to input, then input vector is X=(x1, x2,…,xn), hidden layer number of nodes is M, then hidden layer output vector is Y=(y1,y2,…,ym), output layer number of nodes is L, then Output layer vector is O=(o1,o2,…,ol), desired output vector is D=(d1,d2,…,dl), input layer is between hidden layer Weight matrix be W=(W1,W2,…,Wj,…,Wm), hidden layer to the weight between output layer is V=(V1,V2,…, Vk,…,Vl), hidden layer has threshold θj, output layer has threshold value rk, the output valve y of j-th of neuron of hidden layerj, k-th of output layer The output o of neuronk, then:
In above formula, f (x) is the transmission function of hidden layer, generally uses sigmoid function, and formula is as follows:
Preferably, cuckoo search (CS) algorithm is utilized to find optimal initial weight and threshold value in the step S2 specific Are as follows:
N cuckoo is randomly generated according to neural network weight and threshold value feature in S21, initialization populationN cuckoo is encoded, coding mode uses floating-point encoding;
S22 calculates fitness, and fitness function is the inverse of neural network overall error function, as follows:
S23, location updating retain the optimal cuckoo of previous generationThe position for updating cuckoo according to the following formula, obtains
Wherein,Indicate i-th of Bird's Nest in the position in t generation,For point-to-point multiplication, α > 0 be step-length (generally take α= 1);L (λ) is L é vy random search path, and arbitrary width λ obeys L é vy distribution;
S24 is selected, and replacement, delete operation is randomly generated a decimal r in [0,1] section, compares r and probability of detection paSize, if r > pa, then the position of all cuckoo, calculating and newer cuckoo and original cloth are updated according to formula (12) The fitness of paddy bird retains the biggish cuckoo of fitness, obtains updated cuckoo positionIf r≤pa, retain original cuckoo;
Rejecting operation is that will reject n*p to keep population to be in optimum state alwaysaThe worst individual of a fitness value; To remain unchanged population scale, n*p will be randomly generatedaA solution (is needed to n*paCarry out floor operation);Meanwhile for adapting to Angle value is preferably individual, will be directly delivered to the next generation;
S25 judges whether optimal cuckoo meets condition or whether iterative algebra reaches requirement, if it is, will most Excellent cuckoo decoding obtains optimal weight, threshold value, executes step S3;Conversely, thening follow the steps S23.
Preferably, introducing factor of momentum described in the step S3 and steepness factor change traditional BP neural network Into specifically:
S31 introduces factor of momentum, the modified weight process of neural network is improved using additional guide vanes, specific practice is: A part of the last or preceding amount of weighed value adjusting several times is superimposed to by the resulting weighed value adjusting amount of this error calculation, as This practical weighed value adjusting amount, the weighed value adjusting formula with momentum term that the present invention designs are as follows:
Δ w (k+1)=(1- α) η D (k)+α Δ w (k)
Wherein,It is represented as the negative gradient at k moment,
W is network weight, and Δ w is the increment of weight, and k is frequency of training, and α is factor of momentum, and 0 < α < 1 generally takes 0.95 or so, η are learning rate;
S32 introduces steepness factor, and a steepness factor λ is introduced in former transfer function, and improving principle is: in weight tune It is whole to enter after flat region, try the net input for compressing neuron, so that its output is exited the saturation region of transfer function, changed with this The shape of error function, so that adjustment be made to be detached from flat region, formula is as follows:
In formula, net is the input of neuron, and when discovery Δ E is close to zero, and model output still has relatively large deviation with actual value When, it can determine whether to have entered flat region, this seasonal λ > 1;After exiting flat region, then enable λ=1.
Preferably, improved BP neural network is trained in the step S4, and trained network is used for Networks security situation assessment specifically:
S41, neural network initialization, including the optimal initial power for the BP neural network for obtaining step S2 cuckoo algorithm Value and sets of threshold values cooperation are that parameter inputs network and carries out parameter initialization, BP network remaining parameter, including the number of iterations N, momentum Factor-alpha, training allowable error ε;Situation data will be trained as input vector, using the situation value of expert's assessment as output vector BP neural network after bringing optimization into;
S42, calculates the output of input layer, intermediate hidden layer and output layer, each neuron of input layer to input vector not It is handled, the output y of intermediate hidden layer is calculated according to claim 2 stepjWith the output o of output layerk
S43 exports o according to calculatingkWith reality output dk, calculate the error e of each neuron of output layerk, computing system always misses Poor E, formula are as follows:
S44 calculates weight correction amount according to step S31, and then adjusts each neuron weight;
S45 randomly selects next training data and is supplied to BP neural network, instructs all training datas to BP nerve net Network is trained;
S46, judges whether neural network global error E meets required precision, if E < ε, just terminates the instruction of network Practice;Otherwise it branches to step S43 to continue that each layer connection weight is continued to adjust, is so iterated training and goes down, until network Global error meet condition or until the number of iterations reaches N;
S47 is obtained by the test defeated people of situation data into the trained neural network with evaluation capacity by mapping Security level locating for network can be obtained finally by control network totality situation rank table in the situation value SA of network.
Due to the use of above technical scheme, the present invention has the following advantages that compared with prior art;
1, it realizes that network safety situation is accurately quantitatively evaluated using improved BP, reduces in Traditional measurements method The subjective impact of expert view, it is objective to be comprehensively reflected network security integral status;
2, it is slow for traditional BP neural network convergence rate, the disadvantages of concussion easily occurs and falls into Local Minimum, in conjunction with cloth Paddy bird searching algorithm, introducing factor of momentum and steepness factor make improvements, and accelerate convergence rate, are spaced apart when reducing Pin, improves the accuracy and practicability of networks security situation assessment.
Detailed description of the invention
Fig. 1 is a kind of flow chart of the network security situation evaluating method based on CS and improved BP of the present invention.
Fig. 2 is neural network structure figure provided by the embodiment of the present invention.
Fig. 3 is for the appraisal procedure provided in an embodiment of the present invention based on CS and improved BP and based on traditional BP mind Appraisal procedure error curve comparison diagram through network.
Fig. 4 is a kind of network security situation evaluating method based on CS and improved BP of the invention and is based on traditional The appraisal procedure of BP neural network assesses accuracy rate comparison diagram.
Specific embodiment
For the present invention aforementioned and other technology contents, feature and effect, in following cooperation with reference to figures 1 through attached drawing 4 To in the detailed description of embodiment, can clearly present.The structure content being previously mentioned in following embodiment is with specification Attached drawing is reference.
Embodiment one, a kind of network security situation evaluating method based on CS and improved BP, including following four A step,
S1, network safety situation element, composing training sample set and test sample collection are obtained, determines BP neural network knot Structure;
S2, optimal initial weight and threshold value are found using cuckoo search (CS) algorithm;
S3, it is directed to the disadvantages of traditional BP neural network convergence rate is slow, and easily generation shakes and falls into Local Minimum, introducing is dynamic Measure the factor and steepness factor improved BP;
S4, improved BP neural network is trained, and trained network is used for networks security situation assessment, Obtain final situation value and security level.
Embodiment two, on the basis of example 1, the step S1 specifically include:
S11, obtains network safety situation element, composing training sample set and test sample collection, and assessment data source is mainly come From three categories: based on system configuration information, based on system operation information and based on network traffic information.Primary sources source refers to Network design and configuration state, such as the loophole defect of network topology structure, service software installed with setting and system;The Two class data sources refer to that network system by running situation when attacking, mostlys come from system running log library;Third Class data source is primarily referred to as the various traffic conditions of network instant communication, can be monitored and be obtained by special-purpose software.According to current net The actual demand of network status and index system, the present invention choose Netflow data, Snort log and Nessus scanning log and make For situation achievement data source.These three data cover the information of three aspect of flow, attack and loophole.Network is reflected to transport substantially Row status information, the attack faced threatens and potential security threat condition, can provide more for network security situation awareness Comprehensive data are supported, since initial data collected from Network Security Device has different format and meaning, these Data can not need to carry out standardization processing to these data as the input data of Situation Assessment, can just obtain format system One situation achievement data, composing training sample set and test sample collection.
S12, determines BP neural network structure, and Fig. 2 is neural network structure figure provided in an embodiment of the present invention.BP nerve net Network includes 1 input layer, 1 output layer and multiple hidden layers, and the neuron between adjacent layer is connected by reasonable activation primitive The parameter of network is connect and maintained, and is trained in conjunction with back-propagation process by propagated forward, it is assumed that has N number of signal defeated Enter, then input vector is X=(x1,x2,…,xn), hidden layer number of nodes is M, then hidden layer output vector is Y=(y1,y2,…, ym), output layer number of nodes is L, then output layer vector is O=(o1,o2,…,ol), desired output vector is D=(d1,d2,…, dl), input layer to the weight matrix between hidden layer is W=(W1,W2,…,Wj,…,Wm), hidden layer to the power between output layer Value is V=(V1,V2,…,Vk,…,Vl), hidden layer has threshold θj, output layer has threshold value rk.J-th of neuron of hidden layer it is defeated Value y outj, the output o of k-th of neuron of output layerk, then:
In above formula, f (x) is the transmission function of hidden layer, generally uses sigmoid function, and formula is as follows:
Input layer number is 8 in the embodiment of the present invention, corresponding 8 Situation Assessment elements: safety equipment number in subnet (x1), the total amount (x of each key equipment open port in subnet2), key equipment accesses the frequency (x of mainstream security website3), report Alert number (x4), network bandwidth utilization rate (x5), security incident history occurrence frequency (x6), subnet traffic change rate (x7), subnet Mean free error time (x8).Output node number is 1, is labeled as SA (i.e. network safety situation value).The examination of hidden layer number of nodes The method of gathering obtains.Less hidden node is set by empirical equation first, then increases the hidden node of equivalent every time, using same Under the premise of sample set, corresponding number of nodes when training error minimum is chosen.Initial Hidden nodes m are as follows:
Wherein: n represents input layer number;L represents output layer node number;δ represents 0-10 constant;Hidden layer Number of nodes chooses 4 by above formula, through trying to gather to obtain number of nodes 6.
Embodiment three, on the basis of example 1, the step S2 specifically include:
The initial weight and threshold value of BP neural network are randomly assigned, therefore its training time is generally longer, Er Qiejing Cross the obtained weight of training and threshold value may also and it is non-optimal, so the present invention finds optimal power using cuckoo (CS) algorithm Value and threshold value, the specific steps are as follows:
N cuckoo is randomly generated according to neural network weight and threshold value feature in S21, initialization populationN cuckoo is encoded, coding mode uses floating-point encoding, and floating number is compiled Code is intuitive and has the characteristics that code length is easy to control, encoding precision is high and large space search capability is strong, and it is complicated can to reduce calculating Property, therefore the present invention uses floating-point encoding.Its all weight and threshold value are encoded jointly according to the design structure of BP neural network At a cuckoo, then the coding of cuckoo are as follows:
W11W21…WN1V11V21…V1Lθ1…W1MW2M…WNMVM1VM2…VMLθMr1…rL
Wherein, N is the input layer number of network, and M is hidden layer number of nodes, and L is output layer number of nodes, and input layer is to hidden Hiding layer weight matrix is W, and hidden layer to output layer weight matrix is V, and hidden layer threshold matrix is θ, and output layer threshold matrix is r;
S23 calculates fitness, and cuckoo algorithm belongs to member and inspires optimization algorithm, and the superiority and inferiority of individual in population is by adapting to It spends to measure.The higher individual that represents of fitness value is the smaller the better in conjunction with BP neural network overall error closer to optimal solution Feature, the fitness function of this example design are the inverse of the Error Absolute Value sum between network reality output and prediction output, That is:
The situation achievement data that step S1 is obtained substitutes into fitness function, calculates the fitness of this generation cuckoo.Choosing Select the optimal cuckoo of fitness
S23, location updating.Retain the optimal cuckoo of previous generationThe position for updating cuckoo, obtainsLocation update formula is as follows:
Wherein,Indicate i-th of Bird's Nest in the position in t generation,For point-to-point multiplication, α > 0 be step-length (generally take α= 1);L (λ) is L é vy random search path, and arbitrary width λ obeys L é vy distribution.
The fitness of this generation cuckoo is calculated, and is made comparisons with the fitness value of previous generation, position is updated if more excellent It sets, otherwise still retains the position of previous generation Bird's Nest.
S24 is selected, replacement, delete operation.A decimal r in [0,1] section is randomly generated, compares r and probability of detection paSize.If r > pa, then the adaptation of the position of all cuckoo, calculating and newer cuckoo and former cuckoo is updated Degree retains the biggish cuckoo of fitness, obtains updated cuckoo positionIf r≤pa, retain original cuckoo.
Rejecting operation is that will reject n*p to keep population to be in optimum state alwaysaThe worst individual of a fitness value; To remain unchanged population scale, n*p will be randomly generatedaA solution (is needed to n*paCarry out floor operation);Meanwhile for adapting to Angle value is preferably individual, will be directly delivered to the next generation.
S25, judge whether optimal cuckoo meets condition or whether iterative algebra reaches requirement, if it is, will most Excellent cuckoo decoding obtains optimal weight, threshold value, executes step S3;Conversely, thening follow the steps S23.
Cuckoo algorithm belongs to member and inspires optimization algorithm, and the superiority and inferiority of individual in population is measured by fitness.It adapts to The higher individual that represents of angle value is closer to optimal solution.In conjunction with the smaller the better feature of BP neural network overall error, this example design Fitness function be network reality output and prediction output between Error Absolute Value sum inverse, it may be assumed that
The situation achievement data that step S1 is obtained substitutes into fitness function, calculates the fitness of this generation cuckoo.Choosing Select the optimal cuckoo of fitness
S23, location updating.Retain the optimal cuckoo of previous generationThe position for updating cuckoo, obtainsLocation update formula is as follows:
Wherein,Indicate i-th of Bird's Nest in the position in t generation,For point-to-point multiplication, α > 0 be step-length (generally take α= 1);L (λ) is L é vy random search path, and arbitrary width λ obeys L é vy distribution.
The fitness of this generation cuckoo is calculated, and is made comparisons with the fitness value of previous generation, position is updated if more excellent It sets, otherwise still retains the position of previous generation Bird's Nest.
S24, selection, replacement, delete operation.A decimal r in [0,1] section is randomly generated, compares r and probability of detection pa Size.If r > pa, then the fitness of the position of all cuckoo, calculating and newer cuckoo and former cuckoo is updated, Retain the biggish cuckoo of fitness, obtains updated cuckoo positionSuch as Fruit r≤pa retains original cuckoo.
Rejecting operation is that will reject n*p to keep population to be in optimum state alwaysaThe worst individual of a fitness value; To remain unchanged population scale, n*p will be randomly generatedaA solution (is needed to n*paCarry out floor operation);Meanwhile for adapting to Angle value is preferably individual, will be directly delivered to the next generation.
S25, judge whether optimal cuckoo meets condition or whether iterative algebra reaches requirement, if it is, will most Excellent cuckoo decoding obtains optimal weight, threshold value, executes step S3;Conversely, thening follow the steps S23.
Example IV, on the basis of example 1, the step S3 specifically include:
S31 introduces factor of momentum, and standard BP algorithm is substantially a kind of simple static optimization method of steepest decline, It when correcting w (k), is modified only according to the negative gradient direction of kth step, without the experience in view of accumulating in the past, i.e., in the past The gradient direction at moment, to usually training process be made to vibrate, convergence is slow, the tool of additional guide vanes weighed value adjusting algorithm Body way is: a part of the last or preceding amount of weighed value adjusting several times is superimposed to by the resulting weighed value adjusting of this error calculation In amount, as this practical weighed value adjusting amount.The weighed value adjusting formula with momentum term that the present invention designs is as follows:
Dw (k+1)=(1- α) η D (k)+α Dw (k)
Wherein,It is represented as the negative gradient at k moment.
W is network weight, and Dw is the increment of weight, and k is frequency of training, and α is factor of momentum, and 0 < α < 1 generally takes 0.95 Left and right.η is learning rate, is constant in standard BP neural network.
Above formula, which is meant that, changes influence to this weighed value adjusting trend for weight before, by a factor of momentum come Transmitting.When factor of momentum α value is zero, the variation of weight is generated according only to gradient descent method;When factor of momentum α value is 1 When, new weight variation is then set as the variation of a preceding weight, and is then ignored according to the changing unit that gradient method generates. By this method, after increasing momentum term, promote the adjusting of weight to change towards the mean direction of error surface bottom, work as network When weight enters the flat region of error surface bottom, Dwij(k+1)=Dwij(k), to prevent Dwij=0 appearance, helps In jumping out network from the local minimum of error surface.Factor of momentum added by this method is effectively equivalent to damp , it reduces the oscillation trend in learning process, plays the role of buffering and smoothing, so as to improve convergence.
S32 introduces steepness factor BP neural network in the training process when error sum of squares close to zero it is possible to mould There are biggish deviation, the reason of causing this phenomenon is because there are flat regions on error surface for the output of type and actual value. There is such case in network training in order to prevent, present invention introduces the methods of steepness factor to change to standard BP algorithm Into.Improving principle is: after weighed value adjusting enters flat region, trying the net input for compressing neuron, exits its output and turn The saturation region for moving function, changes the shape of error function with this, so that adjustment be made to be detached from flat region.Specific practice is turned in original It moves and introduces a steepness factor λ in function:
In formula, net is the input of neuron.When discovery Δ E is close to zero, and model output still has relatively large deviation with actual value When, it can determine whether to have entered flat region, this seasonal λ > 1;After exiting flat region, then enable λ=1.As λ > 1, net coordinate is had compressed λ times, the sensitizing range of neuron function is elongated, so that the biggish nett of absolute value be made to exit saturation region.As λ=1, transfer function It restores to the original state, to lesser net sensitivity with higher.Using show this method to improve neural network algorithm convergence Speed and accuracy rate are largely effective.
Embodiment five, on the basis of example 1, the step S4 specifically include:
S41, neural network initialization.1) parameter initialization.By the optimal initial power of the obtained BP neural network of step S2 Value and sets of threshold values cooperation are that parameter inputs network.In addition to this, remaining parameter of BP network, including the number of iterations N, momentum are initialized Factor-alpha, training allowable error ε.2) will training situation data be used as input vector, using expert assessment situation value as export to Amount brings the BP neural network after optimization into.
S42, the output for calculating input layer, each neuron of input layer to input vector without processing, only simply Hidden layer is passed to as output.The output of each neuron of intermediate hidden layer is calculated, formula is as follows:
The output of each neuron of output layer is calculated, formula is as follows:
In above formula, f (x) is the transmission function of hidden layer, generally uses sigmoid function, and present example introduces suddenly Factor lambda is spent, formula is as follows:
The output o that S43, basis are calculatedkWith reality output dk, computing system overall error E, formula is as follows:
S44, because the overall error E of system is weight vij,wjkFunction, it is possible to adjusted by gradient descent method Weight, and then reduce error E, realize that iteration optimization solves.The embodiment of the present invention is repaired using additional momentum factorization method optimization weight Positive process.With wjkFor, formula is as follows:
Dw (k+1)=(1- α) η D (k)+α Dw (k)
S45, it randomly selects next training data and is supplied to improved BP, instruct all training datas to improvement BP neural network is trained.
S46, judge whether neural network global error E meets required precision.If E < ε, then just terminating the instruction of network Practice;Otherwise it branches to step (3) to continue that each layer connection weight is continued to adjust, is so iterated training and goes down, until network Global error meet condition or until the number of iterations reaches N.
S47, the defeated people of situation data will be tested into the trained neural network with evaluation capacity, is obtained by mapping The situation value SA of network, can be obtained security level locating for network finally by the table of comparisons 2.
Neural network assessment result SA is the numerical value in certain threshold interval, lacks certain practical guidance meaning Justice, so needing to delimit the corresponding network safety grade of network safety situation value in actual production and living.This hair It is bright on the basis of reference risk assessment, by the grade classification of network safety situation be Pyatyi it is excellent, it is good, in, it is poor, endanger }, it is at different levels Situation value range and network behavior feature it is as shown in table 2:
2 network totality situation rank table of table
The present invention has in use, in order to make those skilled in the art more fully understand this programme, below with practical application field Scape is illustrated this programme, is carried out using the network security data of simulation network security situation evaluating method proposed by the present invention Simulation comparison test.The embodiment of the present application has built a Network Experiment Environment, ordinary user User and attacker Attacker Each host on the network can be accessed by Internet.In taken at regular intervals intruding detection system IDS attack information, host Nessus It acquires vulnerability scanning information, Snort acquisition log alarming information and router Netflow and acquires network traffic information, as this The multi-source heterogeneous original data source of secondary emulation experiment, then organizes expert carries out manual evaluation to security risk, obtains network peace The actual level of full situation.Extract safety equipment number (x in subnet1), the total amount (x of each key equipment open port in subnet2), Frequency (the x of key equipment access mainstream security website3), alarm number (x4), network bandwidth utilization rate (x5), security incident is gone through History occurrence frequency (x6), subnet traffic change rate (x7), subnet mean free error time (x8).This 8 evaluation indexes constitute sample Collect the input as assessment models, expert's assessment result obtains 1500 datas as desired output altogether.Random selection 1000 Sample is as training set, for training improved BP neural network;Remaining 500 samples are as test set, for examining net The assessment result of network safety situation evaluation model and actual result whether be unanimously model generalization ability;
In cuckoo optimizing part, cuckoo population scale is chosen, n=40 sets probability of detection pa=0.1, maximum changes Number is 40 from generation to generation;In BP neural network part, input layer number 8 is set.Using the number of trial and error procedure setting hidden layer node It is 6, output layer output is situation value, and output node number 1, transmission function is the sigmoid function of standard, and maximum number of iterations is set It is set to 1000, objective function error ε=0.05, factor of momentum α=0.95.The embodiment of the present invention devises before and after algorithm optimization Comparative test.Fig. 3 is the appraisal procedure provided in an embodiment of the present invention based on CS and improved BP and is based on traditional BP The appraisal procedure error curve comparison diagram of neural network.As shown in figure 3, compared with traditional BP neural network, the embodiment of the present invention There is no parts for a kind of network security situation evaluating method based on cuckoo searching algorithm and improved BP of proposition Minimum problem, and there is faster convergence rate and convergence effect.This is only to be needed to consume seldom resource energy by CS algorithm The initial best initial weights and threshold value of BP neural network are found, the training time and space-time for effectively shortening later period neural network disappear Consumption, while factor of momentum and steepness factor are introduced, convergence rate is greatly accelerated, local extremum is avoided the occurrence of and concussion is existing As improving convergence effect.Fig. 4 is the appraisal procedure and base provided in an embodiment of the present invention based on CS and improved BP Accuracy rate comparison diagram is assessed in the appraisal procedure of traditional BP neural network.As shown in figure 4, with the increase of sample size, tradition BP network algorithm assessment accuracy rate declines therewith, and the accuracy rate curve for the appraisal procedure that present example proposes is stablized 97.5% or more, this illustrates that the appraisal procedure that present example proposes has higher Evaluation accuracy and more stable assessment effect Fruit.
The above is that further detailed description of the invention, and it cannot be said that the present invention in conjunction with specific embodiment Specific implementation is limited only to this;Belonging to the present invention and for those skilled in the technology concerned, it is being based on skill of the present invention Under the premise of art scheme thinking, it is made expansion and operating method, data replacement, should all fall in the scope of the present invention it It is interior.

Claims (5)

1. a kind of network security situation evaluating method based on CS and improved BP, which is characterized in that including following four A step,
S1, network safety situation element, composing training sample set and test sample collection are obtained, determines BP neural network structure;
S2, optimal initial weight and threshold value are found using cuckoo search (CS) algorithm;
S3, factor of momentum and steepness factor improved BP are introduced;
S4, improved BP neural network is trained, and trained network is used for networks security situation assessment, obtained Final situation value and security level.
2. a kind of network security situation evaluating method based on CS and improved BP as described in claim 1, special Sign is, network safety situation element is obtained in the step S1, and composing training sample set and test sample collection are to match to system Situation factor data including confidence breath, system operation information and network traffic information carries out standardization processing, obtains format system One situation achievement data, composing training sample set and test sample collection;
BP neural network structure is determined in the step S1, it is assumed that there is N number of signal to input, then input vector is X=(x1,x2,…, xn), hidden layer number of nodes is M, then hidden layer output vector is Y=(y1,y2,…,ym), output layer number of nodes is L, then exports Layer vector is O=(o1,o2,…,ol), desired output vector is D=(d1,d2,…,dl), input layer to the power between hidden layer Value matrix is W=(W1,W2,…,Wj,…,Wm), hidden layer to the weight between output layer is V=(V1,V2,…,Vk,…,Vl), Hidden layer has threshold θj, output layer has threshold value rk, the output valve y of j-th of neuron of hidden layerj, k-th of neuron of output layer Export ok, then:
In above formula, f (x) is the transmission function of hidden layer, generally uses sigmoid function, and formula is as follows:
3. a kind of network security situation evaluating method based on CS and improved BP as described in claim 1, special Sign is, finds optimal initial weight and threshold value using cuckoo search (CS) algorithm in the step S2 specifically:
N cuckoo x is randomly generated according to neural network weight and threshold value feature in S21, initialization population(0)=(x1 (0),x2 (0),...,xn (0)), n cuckoo is encoded, coding mode uses floating-point encoding;
S22 calculates fitness, and fitness function is the inverse of neural network overall error function, as follows:
S23, location updating retain the optimal cuckoo x of previous generationi (0), the position of cuckoo is updated according to the following formula, obtains x(t)= (x1 (t),x2 (t),...,xn (t))
Wherein, x(t)Indicate i-th of Bird's Nest in the position in t generation,For point-to-point multiplication, α > 0 is step-length (generally taking α=1);L (λ) is L é vy random search path, and arbitrary width λ obeys L é vy distribution;
S24 is selected, and replacement, delete operation is randomly generated a decimal r in [0,1] section, compares r and probability of detection pa's Size, if r > pa, then the position of all cuckoo, calculating and newer cuckoo and original cloth paddy are updated according to formula (12) The fitness of bird retains the biggish cuckoo of fitness, obtains updated cuckoo position x(t+1)=(x1 (t+1),x2 (t +1),...,xn (t+1));If r≤pa, retain original cuckoo;
Rejecting operation is that will reject n*p to keep population to be in optimum state alwaysaThe worst individual of a fitness value;To make to plant Group's scale remains unchanged, and n*p will be randomly generatedaA solution (is needed to n*paCarry out floor operation);Meanwhile for fitness value compared with Excellent individual will be directly delivered to the next generation;
S25 judges whether optimal cuckoo meets condition or whether iterative algebra reaches requirement, if it is, by optimal cloth The decoding of paddy bird obtains optimal weight, threshold value, executes step S3;Conversely, thening follow the steps S23.
4. a kind of network security situation evaluating method based on CS and improved BP as described in claim 1, special Sign is that introducing factor of momentum described in the step S3 and steepness factor improve specifically traditional BP neural network Are as follows:
S31 introduces factor of momentum, the modified weight process of neural network is improved using additional guide vanes, specific practice is: will be upper A part of the primary or preceding amount of weighed value adjusting several times is superimposed to by the resulting weighed value adjusting amount of this error calculation, as this Practical weighed value adjusting amount, the weighed value adjusting formula with momentum term that the present invention designs is as follows:
Δ w (k+1)=(1- α) η D (k)+α Δ w (k)
Wherein,It is represented as the negative gradient at k moment,
W is network weight, and Δ w is the increment of weight, and k is frequency of training, and α is factor of momentum, and 0 < α < 1 generally takes 0.95 left side The right side, η are learning rate;
S32, introduce steepness factor, in former transfer function introduce a steepness factor λ, improve principle be: weighed value adjusting into After entering flat region, try the net input for compressing neuron, so that its output is exited the saturation region of transfer function, error is changed with this The shape of function, so that adjustment be made to be detached from flat region, formula is as follows:
In formula, net is the input of neuron, when discovery Δ E is close to zero, and model output still has relatively large deviation with actual value, It can determine whether to have entered flat region, this season λ > 1;After exiting flat region, then enable λ=1.
5. a kind of network security situation evaluating method based on CS and improved BP as described in claim 1, special Sign is, is trained in the step S4 to improved BP neural network, and trained network is used for network security Situation Assessment specifically:
S41, neural network initialization, including the optimal initial weight of BP neural network that obtains step S2 cuckoo algorithm and Sets of threshold values cooperation is that parameter inputs network and carries out parameter initialization, BP network remaining parameter, including the number of iterations N, factor of momentum α, training allowable error ε;Situation data will be trained as input vector, the situation value that expert assesses will be brought into as output vector BP neural network after optimization;
S42, calculates the output of input layer, intermediate hidden layer and output layer, each neuron of input layer to input vector without Processing calculates the output y of intermediate hidden layer according to claim 2 stepjWith the output o of output layerk
S43 exports o according to calculatingkWith reality output dk, calculate the error e of each neuron of output layerk, computing system overall error E, Formula is as follows:
S44 calculates weight correction amount according to step S31, and then adjusts each neuron weight;
S45 randomly selects next training data and is supplied to BP neural network, instruct all training datas to BP neural network into Row training;
S46, judges whether neural network global error E meets required precision, if E < ε, just terminates the training of network;It is no It then branches to step S43 to continue that each layer connection weight is continued to adjust, is so iterated training and goes down, until the overall situation of network Error meets condition or until the number of iterations reaches N;
S47 obtains network by mapping by the test defeated people of situation data into the trained neural network with evaluation capacity Situation value SA, finally by control network totality situation rank table security level locating for network can be obtained.
CN201811376507.1A 2018-11-19 2018-11-19 A kind of network security situation evaluating method based on CS and improved BP Pending CN109547431A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811376507.1A CN109547431A (en) 2018-11-19 2018-11-19 A kind of network security situation evaluating method based on CS and improved BP

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811376507.1A CN109547431A (en) 2018-11-19 2018-11-19 A kind of network security situation evaluating method based on CS and improved BP

Publications (1)

Publication Number Publication Date
CN109547431A true CN109547431A (en) 2019-03-29

Family

ID=65848164

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811376507.1A Pending CN109547431A (en) 2018-11-19 2018-11-19 A kind of network security situation evaluating method based on CS and improved BP

Country Status (1)

Country Link
CN (1) CN109547431A (en)

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110149333A (en) * 2019-05-23 2019-08-20 桂林电子科技大学 A kind of network security situation evaluating method based on SAE+BPNN
CN110363232A (en) * 2019-06-27 2019-10-22 南京理工大学 Millimeter wave detector New Jamming Effects Evaluation Method based on BP neural network
CN110472501A (en) * 2019-07-10 2019-11-19 南京邮电大学 A kind of fingerprint pore coding specification method neural network based
CN110543412A (en) * 2019-05-27 2019-12-06 上海工业控制安全创新科技有限公司 Automobile electronic function safety assessment method based on neural network accessibility
CN111126550A (en) * 2019-12-25 2020-05-08 武汉科技大学 Neural network molten steel temperature forecasting method based on Monte Carlo method
CN111262858A (en) * 2020-01-16 2020-06-09 郑州轻工业大学 Network security situation prediction method based on SA _ SOA _ BP neural network
CN111327494A (en) * 2020-02-14 2020-06-23 山东工商学院 Multi-domain SDN network traffic situation assessment method and system
CN112511351A (en) * 2020-12-01 2021-03-16 北京理工大学 Security situation prediction method and system based on MES identification data intercommunication system
CN112529683A (en) * 2020-11-27 2021-03-19 百维金科(上海)信息科技有限公司 Method and system for evaluating credit risk of customer based on CS-PNN
CN112615843A (en) * 2020-12-08 2021-04-06 国网四川省电力公司信息通信公司 Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost
CN112713881A (en) * 2020-12-10 2021-04-27 国网四川省电力公司电力科学研究院 Synchronous clock maintaining system and method based on edge calculation
CN112905436A (en) * 2021-04-25 2021-06-04 中航机载系统共性技术有限公司 Quality evaluation prediction method for complex software
CN112926739A (en) * 2021-03-11 2021-06-08 北京计算机技术及应用研究所 Network countermeasure effectiveness evaluation method based on neural network model
CN113254319A (en) * 2020-02-12 2021-08-13 北京沃东天骏信息技术有限公司 Log alarm-based method and device
CN113487010A (en) * 2021-05-21 2021-10-08 国网浙江省电力有限公司杭州供电公司 Power grid network security event analysis method based on machine learning
CN115051864A (en) * 2022-06-21 2022-09-13 郑州轻工业大学 PCA-MF-WNN-based network security situation element extraction method and system
CN115412301A (en) * 2022-08-02 2022-11-29 云南电网有限责任公司信息中心 Network security prediction analysis method and system
CN116074658A (en) * 2023-03-06 2023-05-05 成都大汇物联科技有限公司 Hydropower station dam foundation monitoring method and system based on Internet of things

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102054199A (en) * 2010-12-31 2011-05-11 中国人民解放军63983部队 BP (Back Propagation) neural network algorithm based method for analyzing coating aging
CN106789214A (en) * 2016-12-12 2017-05-31 广东工业大学 It is a kind of based on the just remaining pair network situation awareness method and device of string algorithm
CN107122869A (en) * 2017-05-11 2017-09-01 中国人民解放军装备学院 The analysis method and device of Network Situation
CN107222333A (en) * 2017-05-11 2017-09-29 中国民航大学 A kind of network node safety situation evaluation method based on BP neural network
CN107782857A (en) * 2017-10-09 2018-03-09 江苏大学 Flexible measurement method based on the edible fungus fermented process key parameter for improving CS BPNN
US20180288100A1 (en) * 2016-01-08 2018-10-04 Secureworks Corp. Systems and Methods for Security Configuration

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102054199A (en) * 2010-12-31 2011-05-11 中国人民解放军63983部队 BP (Back Propagation) neural network algorithm based method for analyzing coating aging
US20180288100A1 (en) * 2016-01-08 2018-10-04 Secureworks Corp. Systems and Methods for Security Configuration
CN106789214A (en) * 2016-12-12 2017-05-31 广东工业大学 It is a kind of based on the just remaining pair network situation awareness method and device of string algorithm
CN107122869A (en) * 2017-05-11 2017-09-01 中国人民解放军装备学院 The analysis method and device of Network Situation
CN107222333A (en) * 2017-05-11 2017-09-29 中国民航大学 A kind of network node safety situation evaluation method based on BP neural network
CN107782857A (en) * 2017-10-09 2018-03-09 江苏大学 Flexible measurement method based on the edible fungus fermented process key parameter for improving CS BPNN

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
王志华: "基于CS-BPNN的网络安全态势评估方法研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *
谢丽霞: "基于布谷鸟搜索优化BP神经网络的网络安全态势评估方法", 《计算机应用》 *

Cited By (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110149333B (en) * 2019-05-23 2021-06-29 桂林电子科技大学 Network security situation assessment method based on SAE + BPNN
CN110149333A (en) * 2019-05-23 2019-08-20 桂林电子科技大学 A kind of network security situation evaluating method based on SAE+BPNN
CN110543412A (en) * 2019-05-27 2019-12-06 上海工业控制安全创新科技有限公司 Automobile electronic function safety assessment method based on neural network accessibility
CN110363232A (en) * 2019-06-27 2019-10-22 南京理工大学 Millimeter wave detector New Jamming Effects Evaluation Method based on BP neural network
CN110363232B (en) * 2019-06-27 2022-09-27 南京理工大学 BP neural network-based millimeter wave detector interference effect evaluation method
CN110472501A (en) * 2019-07-10 2019-11-19 南京邮电大学 A kind of fingerprint pore coding specification method neural network based
CN110472501B (en) * 2019-07-10 2022-08-30 南京邮电大学 Neural network-based fingerprint sweat pore coding classification method
CN111126550A (en) * 2019-12-25 2020-05-08 武汉科技大学 Neural network molten steel temperature forecasting method based on Monte Carlo method
CN111262858B (en) * 2020-01-16 2020-12-25 郑州轻工业大学 Network security situation prediction method based on SA _ SOA _ BP neural network
CN111262858A (en) * 2020-01-16 2020-06-09 郑州轻工业大学 Network security situation prediction method based on SA _ SOA _ BP neural network
CN113254319A (en) * 2020-02-12 2021-08-13 北京沃东天骏信息技术有限公司 Log alarm-based method and device
CN111327494A (en) * 2020-02-14 2020-06-23 山东工商学院 Multi-domain SDN network traffic situation assessment method and system
CN111327494B (en) * 2020-02-14 2023-05-16 山东工商学院 Multi-domain SDN network flow situation assessment method and system
CN112529683A (en) * 2020-11-27 2021-03-19 百维金科(上海)信息科技有限公司 Method and system for evaluating credit risk of customer based on CS-PNN
CN112511351A (en) * 2020-12-01 2021-03-16 北京理工大学 Security situation prediction method and system based on MES identification data intercommunication system
CN112615843B (en) * 2020-12-08 2022-07-08 国网四川省电力公司信息通信公司 Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost
CN112615843A (en) * 2020-12-08 2021-04-06 国网四川省电力公司信息通信公司 Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost
CN112713881A (en) * 2020-12-10 2021-04-27 国网四川省电力公司电力科学研究院 Synchronous clock maintaining system and method based on edge calculation
CN112926739A (en) * 2021-03-11 2021-06-08 北京计算机技术及应用研究所 Network countermeasure effectiveness evaluation method based on neural network model
CN112926739B (en) * 2021-03-11 2024-03-19 北京计算机技术及应用研究所 Network countermeasure effectiveness evaluation method based on neural network model
CN112905436A (en) * 2021-04-25 2021-06-04 中航机载系统共性技术有限公司 Quality evaluation prediction method for complex software
CN112905436B (en) * 2021-04-25 2023-10-27 中航机载系统共性技术有限公司 Quality evaluation prediction method for complex software
CN113487010A (en) * 2021-05-21 2021-10-08 国网浙江省电力有限公司杭州供电公司 Power grid network security event analysis method based on machine learning
CN113487010B (en) * 2021-05-21 2024-01-05 国网浙江省电力有限公司杭州供电公司 Power grid network security event analysis method based on machine learning
CN115051864A (en) * 2022-06-21 2022-09-13 郑州轻工业大学 PCA-MF-WNN-based network security situation element extraction method and system
CN115051864B (en) * 2022-06-21 2024-02-27 郑州轻工业大学 PCA-MF-WNN-based network security situation element extraction method and system
CN115412301A (en) * 2022-08-02 2022-11-29 云南电网有限责任公司信息中心 Network security prediction analysis method and system
CN115412301B (en) * 2022-08-02 2024-03-22 云南电网有限责任公司信息中心 Predictive analysis method and system for network security
CN116074658B (en) * 2023-03-06 2023-08-25 成都大汇物联科技有限公司 Hydropower station dam foundation monitoring method and system based on Internet of things
CN116074658A (en) * 2023-03-06 2023-05-05 成都大汇物联科技有限公司 Hydropower station dam foundation monitoring method and system based on Internet of things

Similar Documents

Publication Publication Date Title
CN109547431A (en) A kind of network security situation evaluating method based on CS and improved BP
Zhang et al. Short-term wind speed interval prediction based on artificial intelligence methods and error probability distribution
CN105117602B (en) A kind of metering device running status method for early warning
CN108776683A (en) A kind of electric power operation/maintenance data cleaning method based on isolated forest algorithm and neural network
CN106453293A (en) Network security situation prediction method based on improved BPNN (back propagation neural network)
CN103105246A (en) Greenhouse environment forecasting feedback method of back propagation (BP) neural network based on improvement of genetic algorithm
CN107222333A (en) A kind of network node safety situation evaluation method based on BP neural network
CN112464996B (en) LSTM-XGBoost-based intelligent power grid intrusion detection method
Yang et al. An oil imports dependence forecasting system based on fuzzy time series and multi-objective optimization algorithm: Case for China
Chen et al. A recurrent neural network based approach for Web service QoS prediction
CN109657147A (en) Microblogging abnormal user detection method based on firefly and weighting extreme learning machine
Sun et al. Evaluation of university project based on partial least squares and dynamic back propagation neural network group
CN115277354A (en) Fault detection method for command control network management system
CN113705922A (en) Improved ultra-short-term wind power prediction algorithm and model establishment method
Ghanem et al. NEW APPROACH TO IMPROVE ANOMALY DETECTION USING A NEURAL NETWORK OPTIMIZED BY HYBRID ABC AND PSO ALGORITHMS.
CN115964503B (en) Safety risk prediction method and system based on community equipment facilities
Ma et al. Traffic flow forecasting research based on Bayesian normalized Elman neural network
CN115115167A (en) Campus security system and operation method thereof
Jovanovic et al. The xgboost tuning by improved firefly algorithm for network intrusion detection
Zhang et al. Network Traffic Prediction Based on Improved GA-Elman Neural Network
Yu A new model of intelligent hybrid network intrusion detection system
Huang et al. Wine quality evaluation model based on artificial bee colony and BP neural network
Wang et al. Research on computer network security evaluation method based on Levenberg-Marquardt algorithms
Lian et al. Modified BP neural network model is used for oddeven discrimination of integer number
Wang et al. Prediction of Chlorophyll-a content using hybrid model of least squares support vector regression and radial basis function neural networks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190329

RJ01 Rejection of invention patent application after publication