基于深度信念网络的端信息跳变模式自适应策略

doi:10.13190/j.jbupt.2018-268

北京邮电大学学报 ›› 2019, Vol. 42 ›› Issue (3): 64-71.doi: 10.13190/j.jbupt.2018-268

基于深度信念网络的端信息跳变模式自适应策略

石乐义^1,2, 李剑蓝¹, 郭宏彬¹, 马猛飞¹, 陈鸿龙³

1. 中国石油大学(华东) 计算机与通信工程学院, 青岛 266580;
2. 广西密码学与信息安全重点实验室, 桂林 541000;
3. 中国石油大学(华东) 信息与控制工程学院, 青岛 266580

收稿日期:2018-10-31 出版日期:2019-06-28 发布日期:2019-06-20
作者简介:石乐义(1975-),男,教授,E-mail:shileyi@upc.edu.cn.
基金资助:
山东省自然科学基金项目（ZR201808160254）；广西密码学与信息安全重点实验室研究课题（GCIS201811）；国家自然科学基金项目（61772551）

Research on Adaptive Strategy of End Hopping System Based on Deep Belief Nets

SHI Le-yi^1,2, LI Jian-lan¹, GUO Hong-bin¹, MA Meng-fei¹, CHEN Hong-long³

1. College of Computer and Communication Engineering, China University of Petroleum(East China), Qingdao 266580, China;
2. Guangxi Key Laboratory of Cryptography and Information Security, Guangxi 53000, China;
3. College of Information and Control Engineering, China University of Petroleum(East China), Qingdao 266580, China

Received:2018-10-31 Online:2019-06-28 Published:2019-06-20

摘要/Abstract

摘要： 针对端信息跳变主动防御技术中跳变策略单一的问题，将多样异构的跳变模式引入端信息跳变系统，拓展了端信息的定义，并给出跳变策略的自适应调整方案.提出一种基于深度信念网络的端信息跳变自适应模型，形式化地描述了模型中数据收集、特征提取和状态预测等过程，定义了端信息跳变网络状态特征指标，并建立了特征数据集.利用深度信念网络对数据集进行建模，利用马尔可夫链预测下一周期的网络状态，并根据预测结果选取异构的跳变模式，从而实现端信息跳变模式的自适应变化.实验结果显示，模型网络状态识别和预测具有较高的准确性，并且异构的跳变策略能够有效抵御不同的攻击类型，进而验证了端信息跳变自适应模型的有效性和安全性.

关键词: 主动网络防御, 端信息跳变, 深度信念网络, 自适应策略

Abstract: For problem of single hopping strategy in active cyber defense of end hopping, the multiple and heterogeneous hopping patterns are introduced into the end hopping system, the definition of end information is expanded, and the self-adaptive adjustment scheme of the end hopping is given. Further, an adaptive model of end hopping based on deep belief network is proposed, and the process of data collection, feature extraction and state prediction are formalized. The state feature index of end hopping network is defined and the characteristic data set is established. The Markov chain is used to predict the state of network in the next cycle. The heterogeneous hopping mode is selected according to the prediction results. Thus, the adaptive change of the end hopping mode is realized. Experiments show that the network state recognition and prediction of the model all have high accuracy, and the heterogeneous hopping strategy can effectively resist different types of attacks, which illustrates the validity and security of the end hopping adaptive model.

Key words: active cyber defense, end hopping, deep belief network, adaptive strategy

中图分类号:

TN929.53

石乐义, 李剑蓝, 郭宏彬, 马猛飞, 陈鸿龙. 基于深度信念网络的端信息跳变模式自适应策略[J]. 北京邮电大学学报, 2019, 42(3): 64-71.

SHI Le-yi, LI Jian-lan, GUO Hong-bin, MA Meng-fei, CHEN Hong-long. Research on Adaptive Strategy of End Hopping System Based on Deep Belief Nets[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2019, 42(3): 64-71.

参考文献

[1] 石乐义, 贾春福, 吕述望.基于端信息跳变的主动网络防护研究[J].通信学报, 2008, 29(2):106-110.Shi L Y, Jia C F, Lv S W.Research on end hopping for active network confrontation[J].Journal on Communications, 2008, 29(2):106-110.
[2] Jajodia S, Ghosh A K, Swarup V, et al.Moving target defense:creating asymmetric uncertainty for cyber threats[M].[s.l.]:Springer Science & Business Media, 2011:99-107.
[3] Venkatesan S, Albanese M, Amin K, et al.A moving target defense approach to mitigate DDoS attacks against proxy-based architectures[C]//IEEE Conference on Communications and Network Security (CNS).[S.l.]:IEEE, 2016:198-206.
[4] Wang S, Zhang L, Tang C.A new dynamic address solution for moving target defense[C]//Information Technology, Networking, Electronic and Automation Control Conference, IEEE, 2016:1149-1152.
[5] 邬江兴.网络空间拟态防御研究[J].信息安全学报, 2016, 1(4):1-10.Wu J.Research on cyber mimic defense[J].Journal of Cyber Security, 2016, 1(4):1-10.
[6] Hu H, Wu J, Wang Z, et al.Mimic defense:a designed-in cyber security defense framework[J].IET Information Security, 2018, 12(3):226-237.
[7] 仝青, 张铮, 张为华, 等.拟态防御Web服务器设计与实现[J].软件学报, 2017, 28(4):883-897.Tong Q, Zhang Z, Zhang W H, et al.Design and implementation of mimic defense Web server[J].Journal of Software, 2017, 28(4):883-897.
[8] 王禛鹏, 扈红超, 程国振.一种基于拟态安全防御的DNS框架设计[J].电子学报, 2017(11):2705-2714.Wang Z P, Hu H C, Cheng G Z.A DNS architecture based on mimic security defense[J].Acta Electronica Sinica, 2017(11):2705-2714.
[9] 雷程, 马多贺, 张红旗, 等.基于网络攻击面自适应转换的移动目标防御技术[J].计算机学报, 2018(5):1110-1131.Lei C, Ma D H, Zhang H Q, et al.Moving target defense technique based on network attack surface self-adaptive mutation[J].Chinese Journal of Computers, 2018(5):1110-1131.
[10] Ma D, Lei C, Wang L, et al.A self-adaptive hopping approach of moving target defense to thwart scanning attacks[C]//International Conference on Information and Communications Security.Springer, Cham, 2016:39-53.
[11] 赵春蕾.端信息跳变系统自适应策略研究[D].南开大学, 2012.
[12] 刘江, 张红旗, 代向东, 等.基于端信息自适应跳变的主动网络防御模型[J].电子信息技术学报, 2015, 37(11):2642-2649.Liu J, Zhang H Q, Dai X D, et al.A proactive network defense model based on self adaptive end hopping[J].Journal of Electronics & Information Technology, 2015, 37(11):2642-2649.
[13] Hinton G E, Osindero S, Teh Y W.A fast learning algorithm for deep belief nets[J].Neural Computation, 2006, 18(7):1527-1554.
[14] 邹国锋, 傅桂霞, 王科俊, 等.自适应深度卷积神经网络模型构建方法[J].北京邮电大学学报, 2017, 40(4):98-103.Zou Guofeng, Fu Guixia, Wang Kejun, et al.Construction method of adaptive deep convolutional neural network model[J].Journal of Beijing University of Posts and Telecommunications, 2017, 40(4):98-103.
[15] Lu N, Li T, Ren X, et al.A deep learning scheme for motor imagery classification based on restricted boltzmann machines[J].IEEE Transactions on Neural Systems and Rehabilitation Engineering, 2017, 25(6):566-576.
[16] Salah K, Kahtani A.Performance evaluation comparison of snort NIDS under Linux and Windows server[J].Journal of Network & Computer Applications, 2010, 33(1):6-15.
[17] 温晓.基于端信息跳扩混合的主动网络防御研究[D].中国石油大学(华东), 2017.

基于深度信念网络的端信息跳变模式自适应策略

Research on Adaptive Strategy of End Hopping System Based on Deep Belief Nets

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	章晨宇温向明陈亚文. 蜂窝移动网络低成本高精度授时[J]. 北京邮电大学学报, 2023, 46(1): 103-108.
[2]	郭令奇褚智贤廖建新王敬宇陆璐. 意图驱动的自智网络资源按需服务[J]. 北京邮电大学学报, 2022, 45(6): 85-91.
[3]	初星河, 路兆铭, 王鲁晗, 武穆清, 温向明. 多径信号辅助的网联车辆无线协作定位[J]. 北京邮电大学学报, 2021, 44(2): 116-123.
[4]	张天魁, 王筱斐, 杨立伟, 杨鼎成. 移动网络SFC部署与计算资源分配联合算法[J]. 北京邮电大学学报, 2021, 44(1): 7-13.
[5]	吕廷杰, 宋罗娜, 滕颖蕾, 丰业媛. 面向生态可持续的下一代通信网络架构与评价体系[J]. 北京邮电大学学报, 2020, 43(6): 18-26,35.
[6]	何建华, 赵辉, 徐晓斌, 闫蕾, 王尚广. 基于改进双层LT码的天基物联网数据收集方法[J]. 北京邮电大学学报, 2020, 43(6): 118-125.
[7]	马璐, 刘铭, 李超, 路兆铭, 马欢. 面向6G边缘网络的云边协同计算任务调度算法[J]. 北京邮电大学学报, 2020, 43(6): 66-73.
[8]	管婉青, 张海君, 路兆铭. 基于DRL的6G多租户网络切片智能资源分配算法[J]. 北京邮电大学学报, 2020, 43(6): 132-139.
[9]	罗轶, 王雨婷, 施荣华, 严梦纯, 曾豪. 能量采集衬底式认知协作中继网络安全中断概率分析[J]. 北京邮电大学学报, 2020, 43(3): 105-111,124.
[10]	李君瑶, 常永宇, 曾天一. 大规模3D MIMO中基于信道相关的LOS/NLOS识别算法[J]. 北京邮电大学学报, 2020, 43(1): 1-7.
[11]	蒋芳, 张南飞, 胡艳军, 王翊. 基于BP神经网络的CSI无源目标分类方法[J]. 北京邮电大学学报, 2020, 43(1): 40-45.
[12]	任佳智, 田辉, 聂高峰. 基于本地内容流行度预测的主动缓存策略[J]. 北京邮电大学学报, 2020, 43(1): 80-91.
[13]	徐九韵, 孙忠顺, 张如如. 基于链路预测的手机节能方法[J]. 北京邮电大学学报, 2020, 43(1): 8-13,27.
[14]	李晓辉, 杜洋帆, 石潇竹, 杨胥. 基于信道模糊关联识别的NLOS测距误差补偿算法[J]. 北京邮电大学学报, 2020, 43(1): 21-27.
[15]	李鹏, 王德勇, 师文喜, 姜志国. 大数据环境下基于深度学习的行人再识别[J]. 北京邮电大学学报, 2019, 42(6): 29-34.