北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2014, Vol. 37 ›› Issue (1): 71-75.doi: 10.13190/j.jbupt.2014.01.016

• 研究报告 • 上一篇    下一篇

基于二维熵分量的K均值攻击效果评估

戴方芳1, 郑康锋1, 胡影2, 李忠献3   

  1. 1. 北京邮电大学 信息安全中心, 北京 100876;
    2. 武警北京指挥学院, 北京 100012;
    3. 国瑞数码安全系统有限公司, 北京 100088
  • 收稿日期:2013-04-12 出版日期:2014-02-28 发布日期:2014-01-07
  • 作者简介:戴方芳(1989—),女,博士生,E-mail:daiff.bupt@gmail.com;郑康锋(1975—),男,副教授,博士生导师.
  • 基金资助:

    国家自然科学基金项目(61070204,61101108);中央高校基本科研业务费专项资金项目(BUPT2012PTB0102);国家科技支撑计划项目(2012BAH37B05)

A K-Means Cluster Evaluation of Attack Effect Based on Bi-Dimensional Entropy Components

DAI Fang-fang1, ZHENG Kang-feng1, HU Ying2, LI Zhong-xian3   

  1. 1. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China;
    2. Armed Police Beijing Command Academy, Beijing 100012, China;
    3. National Cybernet Security Ltd, Beijing 100088, China
  • Received:2013-04-12 Online:2014-02-28 Published:2014-01-07

摘要:

提出了一种利用二维熵分量的K均值攻击效果聚类评估方法. 利用网络熵预处理攻击数据集,将效果数据映射到二维平面,并以二维熵分量作为聚类的输入,然后基于K均值算法建立聚类数据集与效果分类之间的关系,实现了对网络攻击效果结果集的明确划分,并提供快速有效的评估结果. 仿真实验结果证明,该方法能高效正确地处理攻击数据,并以评估结果类图的形式提供直观的评估结果.

关键词: 效果评估, 聚类, 熵, K均值

Abstract:

A K-means cluster evaluation technique using bi-dimensional entropy components was proposed. The attack dataset on the basis of network entropy was preprocessed, a two-dimensional plane was mapped. The output of preprocess as the input of clustering was utilized. And a relation between the attack dataset and the effect category on the basis of K-means algorithm was established, thus an explicit division of attack effect set was achieved. Efficient evaluation was given. Experiment shows that the method can process attack dataset with high efficiency, as well as provide a visualized evaluation result by form of evaluation cluster diagram.

Key words: effect evaluation, clustering, entropy, K-means algorithm

中图分类号: