CN110278108B - Simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method - Google Patents

Simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method Download PDF

Info

Publication number
CN110278108B
CN110278108B CN201910421411.0A CN201910421411A CN110278108B CN 110278108 B CN110278108 B CN 110278108B CN 201910421411 A CN201910421411 A CN 201910421411A CN 110278108 B CN110278108 B CN 110278108B
Authority
CN
China
Prior art keywords
value
robustness
nodes
autonomous
solution
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910421411.0A
Other languages
Chinese (zh)
Other versions
CN110278108A (en
Inventor
伍益明
徐�明
郑宁
王广
乔通
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Dianzi University
Original Assignee
Hangzhou Dianzi University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Dianzi University filed Critical Hangzhou Dianzi University
Priority to CN201910421411.0A priority Critical patent/CN110278108B/en
Publication of CN110278108A publication Critical patent/CN110278108A/en
Application granted granted Critical
Publication of CN110278108B publication Critical patent/CN110278108B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12Discovery or management of network topologies

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a simulated annealing algorithm-based multi-autonomous-body network intrusion resistance evaluation method, which applies a simulated annealing technology to the field of network intrusion resistance evaluation, and simultaneously comprehensively considers three alternative states introduced during updating of a network robustness calculation subset pair on the basis of the traditional simulated annealing method, so that the subset pair update has higher sampling randomness. The method has the advantage of overcoming the problem that the large-scale multi-autonomous-body network intrusion-tolerant capability assessment cannot be solved due to NP difficulty.

Description

Simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method
Technical Field
The invention relates to the technical field of network intrusion tolerance assessment, in particular to a multi-autonomous-body network intrusion tolerance assessment method based on a simulated annealing algorithm.
Background
The multi-autonomous system refers to a large-scale network system composed of a plurality of autonomous bodies with sensing, communication, computing and executing capabilities, and is widely used as an implementation carrier of a distributed cooperation algorithm. The multi-autonomous system not only has the advantages of resource sharing, good coordination, strong autonomy and the like of a general distributed system, but also has strong robustness and reliability because each autonomous body can solve the problem of large-scale complexity through coordination and cooperation. However, in recent years, with the network security risk becoming more prominent, network designers pay more attention to the evaluation of their network intrusion-tolerant capability in the process of constructing a multi-autonomous system. Network topology (r, s) -robustness is an effective index for measuring the intrusion tolerance capability of a multi-autonomous network at present.
The existing evaluation methods for the robustness of the network topology, such as exhaustion, graph construction, linear programming, functional relationship and the like, evaluate two values of (r, s) of the network topology, which are obtained through an exhaustion and traversal algorithm, need to acquire link information of the network communication topology overall situation. However, it has been documented that evaluating the decision on the value pairs (r, s) in robustness is an NP-hard problem. Therefore, the conventional method is only suitable for a small-sized multi-host network with a small number of nodes, and cannot be applied to a large-scale network with a large number of nodes.
Disclosure of Invention
The invention provides a network intrusion tolerance assessment method which is simple, easy to implement and suitable for a large-scale multi-autonomous system with a large number of nodes, aiming at overcoming the defects of the existing assessment technology.
The technical scheme adopted by the invention for solving the technical problems is as follows:
a simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method comprises the following steps:
1) setting conditions: nodes in the graph theory are adopted to represent a plurality of autonomous bodies, and edges in the graph theory represent communication links between autonomous bodies; giving a directed graph D ═ (V, E), where V is a set of nodes and E is a set of edges; let A (D) be an adjacency matrix of a directed graph D, and then give an initial temperature of T0Termination temperature of TfThe temperature reduction temperature is delta T, the iteration number q is obtained, and the real-time temperature T is enabledtIs an initial temperature T0(ii) a Setting an initial robustness value to (r)min,smin) (ii) a Let r bemin=min{δin(D),[n/2]},sminN, where δin(D) Representing the minimum in-degree of the directed graph D, wherein n represents the number of nodes in the directed graph;
2) obtaining a primary solution: randomly generating a pair of non-empty disjoint subsets S in a set of nodes V1,S2Performing robustness calculation f (A), (D), S1,S2,rmin,smin) Obtaining a subset pair S1,S2An optimum robustness value (r, s) is satisfied;
3) generating a new solution: update the subset pair S1,S2Form a new subset pair S'1,S’2Robustness calculation f (A (D), S 'is performed again'1,S’2,rmin,smin) To obtain a subset pair S'1,S’2An optimum robustness value (r ', s') satisfied;
4) comparing the initial solution with the new solution, and calculating by taking the value of delta r as (r '-r) multiplied by n + (s' -s); if the new solution is better than the initial solution, i.e. Δ r < 0, the new solution (S 'is directly accepted'1,S’2R ', s'); if the new solution is inferior to the initial solution and delta r is more than or equal to 0, the new solution (S ') is accepted according to the Metropolis criterion'1,S’2,r’,s’);
The Metropolis criteria includes the following steps:
(4.1) generating a random number xi epsilon U (0, 1);
(4.2) if exp (- Δ r/Tt)>ξ, receiving a new solution (S'1,S’2R ', s'); otherwise, the initial solution (S) is maintained1,S2,r,s);
5)(rmin,smin) And (3) updating the numerical value: if the result obtained in step 4) is a new solution, let rmin=r’,sminS'; if the result obtained in step 4) is the initial solution, let rmin=r,smin=s;
6) When the iteration number reaches the set upper limit, the real-time temperature is reduced by delta T, namely Tt←Tt- Δ T, go to step 7); otherwise, turning to the step 2);
7) when real-time temperature TtGreater than algorithm end temperature TfTurning to step 2); otherwise, the operation is finished.
Preferably, the optimal robustness calculation method satisfied by the subset pairs in the steps 2) and 3) comprises the following steps:
(2.1) given that n represents the number of nodes in FIG. D, let r be rmin,s=smin
(2.2) if the robustness value r > 0, then perform the robustness valid function RobustHolds (A (D)), S1,S2R, s) determination; if the result of the determination is true, the current robustness value (r, S) is the node subset pair S1,S2An optimal robustness value is satisfied; if the judgment result is false, the robustness value s is reduced by 1, and the value r is unchanged; when the value s is decreased to 0, the robustness value r is decreased by 1, and the value s becomes n; if the value r is equal to 0, the operation is ended;
the method for judging RobustHolds in the step (2.2) mainly comprises the following steps:
(2.2.1) computing the non-empty subset S1The number of nodes with the number of the adjacent nodes with the degree of attack being more than or equal to r is counted by k1
(2.2.2) computing the non-empty subset S2The number of nodes with the number of the adjacent nodes with the degree of attack being more than or equal to r is counted by k2
(2.2.3) when k1=S1Or k2=S2Or (k)1+k2)>When the judgment result is s, the RobustHolds judges that the judgment result is true, otherwise, the judgment result is false.
Preferably, in step 3), the updating method of the subset pair S1 and S2 includes:
(3.1) initialization S1S ofneighbors
(3.2) generating a random number xi epsilon U (0, 1); when the random number xi is less than 1/3, from S1In the method, a node is randomly selected and replaced by a slave SneighborsRandomly selecting one node; when the random number xi is equal to or greater than 1/3 and less than 2/3, from SneighborsRandomly selecting a node to add to the set S1Performing the following steps; when the random number xi is equal to or greater than 2/3 and less than 1, the random number is S1Deleting a node;
(3.3) from the set S1Is sampled to obtain a new S2And (4) collecting.
The annealing simulation method is a method for solving an approximate optimal solution, is firstly used for simulating a metal melting process in physics to find the optimal solution, and is widely applied to various fields such as a traveler problem and an influence maximization problem.
The simulated annealing technology is applied to the field of network intrusion tolerance capability evaluation, and three alternative states are comprehensively considered on the basis of the traditional simulated annealing method when the network robustness calculation subset pair is updated, so that the subset pair update has higher sampling randomness.
The method has the advantage of overcoming the problem that the large-scale multi-autonomous-body network intrusion-tolerant capability assessment cannot be solved due to NP difficulty.
Drawings
FIG. 1 is a flow chart of the present invention.
Fig. 2 is a flow chart of specific steps.
Detailed Description
The invention is further described below with reference to the accompanying drawings of the specification:
a simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method comprises the following steps:
1) setting conditions: for convenience in explaining the invention, the multi-autonomous network model is described by means of mathematical graph theory, nodes in the graph theory are used for representing multi-autonomous entities, and edges in the graph theory are used for representing communication links between autonomous entities. Given a directed graph D ═ V, E, where V is the set of nodes and E is the set of edges. Let A (D) be an adjacency matrix of a directed graph D, and then give an initial temperature of T0Termination temperature of TfThe temperature reduction temperature is delta T, the iteration number q is obtained, and the real-time temperature T is enabledtIs an initial temperature T0. Setting an initial robustness value to (r)min,smin). Let r bemin=min{δin(D),[n/2]},sminN, where δin(D) The minimum in-degree of the directed graph D is shown, and n represents the number of nodes in the directed graph.
2) Obtaining a primary solution: randomly generating a pair of non-empty disjoint subsets S in a set of nodes V1,S2Performing robustness calculation f (A), (D), S1,S2,rmin,smin) Obtaining a subset pair S1,S2The satisfied optimal robustness value (r, s).
3) Generating a new solution: update the subset pair S1,S2Form a new subset pair S'1,S’2Robustness calculation f (A (D), S 'is performed again'1,S’2,rmin,smin) To obtain a subset pair S'1,S’2The optimum robustness value (r ', s') is satisfied.
4) The initial solution is compared with the new solution and calculated, and the Δ r ═ r '-r × n + (s' -s). If the new solution is better than the original solution (. DELTA.r < 0), the new solution (S 'is directly accepted'1,S’2R ', s'); if the new solution is inferior to the initial solution (delta r is more than or equal to 0), the new solution (S 'is accepted according to the Metropolis criterion'1,S’2R ', s'). The Metropolis criteria includes the following steps:
(4.1) generating a random number xi ∈ U (0, 1).
(4.2) if exp (- Δ r/Tt)>ξ, receiving a new solution (S'1,S’2R ', s'); otherwise, the initial solution (S) is maintained1,S2,r,s)。
5)(rmin,smin) And (3) updating the numerical value: if the result obtained in step 4) is a new solution, let rmin=r’,sminS'; if the result obtained in step 4) is the initial solution, let rmin=r,smin=s。
6) When the iteration number reaches the set upper limit, the real-time temperature is reduced by delta T, namely Tt←Tt- Δ T, go to step 6); otherwise, turning to the step 2).
7) When real-time temperature TtGreater than algorithm end temperature TfTurning to step 2); otherwise, the operation is finished.
Further, the optimal robustness calculation method satisfied by the subset pairs in the steps 2) and 3) comprises the following steps:
(2.1) given that n represents the number of nodes in FIG. D, let r be rmin,s=smin
(2.2) if the robustness value r > 0, then RobustHolds (A (D)), S1,S2R, s). If the result of the determination is true, the current robustness value (r, S) is the node subset pair S1,S2An optimal robustness value is satisfied; if the result of the determination is false, the robustness value s is decreased by 1 and the value r is unchanged. When the value s is reduced to 0, the robustness value r is reduced by 1 and the value s becomes n. If the value r is equal to 0, the operation is ended;
the method for judging RobustHolds in the step (2.2) mainly comprises the following steps:
(2.2.1) computing the non-empty subset S1The number of nodes with the number of the adjacent nodes with the degree of attack being more than or equal to r is counted by k1
(2.2.2) computing the non-empty subset S2The number of nodes with the number of the adjacent nodes with the degree of attack being more than or equal to r is counted by k2
(2.2.3) when k1=S1Or k2=S2Or (k)1+k2)>When is equal to sAnd judging that RobustHolds is true, otherwise, judging that the RobustHolds is false. Further, in step 3), the updating method of the subset pair S1 and S2 includes:
(3.1) initialization S1S ofneighbors
(3.2) generating a random number xi ∈ U (0, 1). When the random number xi is less than 1/3, from S1In the method, a node is randomly selected and replaced by a slave SneighborsRandomly selecting one node; when the random number xi is equal to or greater than 1/3 and less than 2/3, from SneighborsRandomly selecting a node to add to the set S1Performing the following steps; when the random number xi is equal to or greater than 2/3 and less than 1, the random number is S1One node is deleted.
(3.3) from the set S1Is sampled to obtain a new S2And (4) collecting.
The annealing simulation method is a method for solving an approximate optimal solution, is firstly used for simulating a metal melting process in physics to find the optimal solution, and is widely applied to various fields such as a traveler problem and an influence maximization problem. The simulated annealing technology is applied to the field of network intrusion tolerance capability evaluation, and three alternative states are comprehensively considered on the basis of the traditional simulated annealing method when the network robustness calculation subset pair is updated, so that the subset pair update has higher sampling randomness.
The embodiments of the present invention are described in detail with reference to the prior art, and the description thereof is not limited thereto.
The above specific implementation is a specific support for the technical idea of the multi-autonomous-network intrusion-tolerance capability evaluation method based on the simulated annealing algorithm, and the protection scope of the present invention cannot be limited thereby, and any equivalent changes or equivalent changes made on the basis of the technical scheme of the present invention according to the technical idea of the present invention still belong to the protection scope of the technical scheme of the present invention.

Claims (2)

1. A simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method is characterized by comprising the following steps: the method comprises the following steps:
1) setting conditions: nodes in the graph theory are adopted to represent a plurality of autonomous bodies, and edges in the graph theory represent communication links between autonomous bodies; giving a directed graph D ═ (V, E), where V is a set of nodes and E is a set of edges; let A (D) be an adjacency matrix of a directed graph D, and then give an initial temperature of T0Termination temperature of TfThe temperature reduction temperature is delta T, the iteration number q is obtained, and the real-time temperature T is enabledtIs an initial temperature T0(ii) a Setting an initial robustness value to (r)min,smin) (ii) a Let r bemin=min{δin(D),[n/2]},sminN, where δin(D) Representing the minimum in-degree of the directed graph D, wherein n represents the number of nodes in the directed graph;
2) obtaining a primary solution: randomly generating a pair of non-empty disjoint subsets S in a set of nodes V1,S2Performing robustness calculation f (A), (D), S1,S2,rmin,smin) Obtaining a subset pair S1,S2An optimum robustness value (r, s) is satisfied;
the optimal robustness calculation method satisfied by the subset pair comprises the following steps:
(2.1) given that n represents the number of nodes in FIG. D, let r be rmin,s=smin
(2.2) if the robustness value r > 0, then perform the robustness valid function RobustHolds (A (D)), S1,S2R, s) determination; if the result of the determination is true, the current robustness value (r, S) is the node subset pair S1,S2An optimal robustness value is satisfied; if the judgment result is false, the robustness value s is reduced by 1, and the value r is unchanged; when the value s is decreased to 0, the robustness value r is decreased by 1, and the value s becomes n; if the value r is equal to 0, the operation is ended;
the method for judging RobustHolds in the step (2.2) mainly comprises the following steps:
(2.2.1) computing the non-empty subset S1The number of nodes with the number of the adjacent nodes with the degree of attack being more than or equal to r is counted by k1
(2.2.2) computing the non-empty subset S2The number of nodes with the number of the adjacent nodes with the degree of attack being more than or equal to r is counted by k2
(2.2.3) when k1=S1Or k2=S2Or (k)1+k2)>When the signal is s, the RobustHolds judges that the signal is true, otherwise, the signal is judged to be false;
3) generating a new solution: update the subset pair S1,S2Form a new subset pair S'1,S’2Robustness calculation f (A (D), S 'is performed again'1,S’2,rmin,smin) To obtain a subset pair S'1,S’2An optimum robustness value (r ', s') satisfied;
4) comparing the initial solution with the new solution, and calculating by taking the value of delta r as (r '-r) multiplied by n + (s' -s); if the new solution is better than the initial solution, i.e. Δ r < 0, the new solution (S 'is directly accepted'1,S’2R ', s'); if the new solution is inferior to the initial solution, namely delta r is more than or equal to 0, the new solution (S 'is accepted according to the Metropolis criterion'1,S’2,r’,s’);
The Metropolis criteria includes the following steps:
(4.1) generating a random number xi epsilon U (0, 1);
(4.2) if exp (- Δ r/Tt)>ξ, receiving a new solution (S'1,S’2R ', s'); otherwise, the initial solution (S) is maintained1,S2,r,s);
5)(rmin,smin) And (3) updating the numerical value: if the result obtained in step 4) is a new solution, let rmin=r’,sminS'; if the result obtained in step 4) is the initial solution, let rmin=r,smin=s;
6) When the iteration number reaches the set upper limit, the real-time temperature is reduced by delta T, namely Tt←Tt- Δ T, go to step 7); otherwise, turning to the step 2);
7) when real-time temperature TtGreater than algorithm end temperature TfTurning to step 2); otherwise, the operation is finished.
2. The method for evaluating the intrusion tolerance capability of the multi-autonomous body network based on the simulated annealing algorithm according to claim 1, wherein: in step 3), the updating method of the subset pair S1 and S2 includes:
(3.1) initialization S1S ofneighbors
(3.2) generating a random number xi epsilon U (0, 1); when the random number xi is less than 1/3, from S1In the method, a node is randomly selected and replaced by a slave SneighborsRandomly selecting one node; when the random number xi is equal to or greater than 1/3 and less than 2/3, from SneighborsRandomly selecting a node to add to the set S1Performing the following steps; when the random number xi is equal to or greater than 2/3 and less than 1, the random number is S1Deleting a node;
(3.3) from the set S1Is sampled to obtain a new S2And (4) collecting.
CN201910421411.0A 2019-05-21 2019-05-21 Simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method Active CN110278108B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910421411.0A CN110278108B (en) 2019-05-21 2019-05-21 Simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910421411.0A CN110278108B (en) 2019-05-21 2019-05-21 Simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method

Publications (2)

Publication Number Publication Date
CN110278108A CN110278108A (en) 2019-09-24
CN110278108B true CN110278108B (en) 2021-10-29

Family

ID=67960005

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910421411.0A Active CN110278108B (en) 2019-05-21 2019-05-21 Simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method

Country Status (1)

Country Link
CN (1) CN110278108B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11855866B1 (en) 2022-09-29 2023-12-26 The Mitre Corporation Systems and methods for assessing a computing network's physical robustness

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101593132A (en) * 2009-06-25 2009-12-02 北京航空航天大学 Multi-core parallel simulated annealing method based on thread constructing module
CN106534295A (en) * 2016-11-08 2017-03-22 中国空间技术研究院 Adjacency pair calculation self allocation method for proximity cooperation network

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060095484A1 (en) * 2004-10-28 2006-05-04 Netaps Inc. Method and system for solving an optimization problem

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101593132A (en) * 2009-06-25 2009-12-02 北京航空航天大学 Multi-core parallel simulated annealing method based on thread constructing module
CN106534295A (en) * 2016-11-08 2017-03-22 中国空间技术研究院 Adjacency pair calculation self allocation method for proximity cooperation network

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
恶意攻击下网络鲁棒的多智能体遗传算法优化;安柏慧;《硕士学位论文》;20180430;全文 *

Also Published As

Publication number Publication date
CN110278108A (en) 2019-09-24

Similar Documents

Publication Publication Date Title
CN112348204B (en) Safe sharing method for marine Internet of things data under edge computing framework based on federal learning and block chain technology
Shang Hybrid consensus for averager–copier–voter networks with non-rational agents
CN109064348B (en) Method for locking rumor community and inhibiting rumor propagation in social network
CN107123056B (en) Social big data information maximization method based on position
Hlinka et al. Distributed data fusion using iterative covariance intersection
CN105574191B (en) Online community network multi-source point information source tracing system and method
CN110278108B (en) Simulated annealing algorithm-based multi-autonomous-body network intrusion tolerance capability assessment method
CN115378813B (en) Distributed online optimization method based on differential privacy mechanism
CN115660147A (en) Information propagation prediction method and system based on influence modeling between propagation paths and in propagation paths
CN103400299A (en) Method for detecting network overlapped communities based on overlapped point identification
CN111105005B (en) Wind power prediction method
White et al. Sampling online social networks using coupling from the past
Eziama et al. Detection of adversary nodes in machine-to-machine communication using machine learning based trust model
CN106203172A (en) Weighting sensitivity limit method for secret protection on network shortest path
Malladi et al. Decentralized aggregation design and study of federated learning
CN115935407A (en) Adaptive differential privacy protection method for federal learning
CN107609982B (en) Method for carrying out community discovery by considering community structure stability and increment related nodes
CN111079024B (en) Public opinion propagation model construction method based on reinforced effect SCIR network
Lingda et al. Evaluation method of trust degree of distribution IoT terminal equipment based on information entropy
CN115460608A (en) Method and device for executing network security policy and electronic equipment
Li et al. A hybrid trust management framework for wireless sensor and actuator networks in cyber-physical systems
CN114595639A (en) Atmospheric pollutant diffusion numerical simulation method based on deep learning
CN115640845A (en) Method for generating few-category samples of neural network of graph based on generation of confrontation network
Manzoor et al. Centralised vs. Decentralised Federated Load Forecasting: Who Holds the Key to Adversarial Attack Robustness?
CN106506183B (en) The discovery method and device of Web Community

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant