应用危险理论的网络安全风险感知模型

doi:10.13190/jbupt.201003.40.034

北京邮电大学学报 ›› 2010, Vol. 33 ›› Issue (3): 40-43.doi: 10.13190/jbupt.201003.40.034

应用危险理论的网络安全风险感知模型

柴争义^1,2, 刘芳¹

(1西安电子科技大学计算机学院, 西安 710071; 2河南工业大学信息科学与工程学院
, 郑州 450001)

收稿日期:2009-07-06 修回日期:2010-03-09 出版日期:2010-06-28 发布日期:2010-05-14
通讯作者: 柴争义 E-mail:super_chai@tom.com
基金资助:
国家自然科学基金项目(70701013)；陕西省“13115”科技创新工程重大科技专项项目（20 08ZDKG37）; 河南省自然科学基金项目（2009A520008,2010A520050）

A Perception Model for Network Risk Using Danger-Theory

CHAI Zheng-yi^1,2, LIU Fang¹

1School of Computer Science and Technology, Xidian University, Xian 710071, China; 
2School of Information Science and Engineering, Hennan University of Technology, Zhengzhou 450001, China)

Received:2009-07-06 Revised:2010-03-09 Online:2010-06-28 Published:2010-05-14

摘要/Abstract

摘要：

为了对网络安全风险进行有效感知，进而采取有效的防御措施，借鉴免疫危险理论，利用抗

体浓度，提出了一种网络风险实时、定量的感知模型. 首先，建立了基于动态自体的自体耐

受、各类检测器的数学模型及动力学演化方程、抗体浓度的定量表示方法；然后，设计了随

机生成和检测器基因库相结合的候选检测器生成机制，并采用疫苗接种和分发机制提高了网

络主动检测能力；最后，对模型进行仿真和对比. 实验结果表明，该模型可高效检测出网络

攻击，并能正确评估主机及网络面临每类攻击时的风险以及网络整体综合风险；同时，该模

型经过适当变换，还可应用于病毒检测及垃圾邮件识别等相关领域.

关键词: 人工免疫系统, 危险理论, 网络风险, 实时检测, 抗体浓度

Abstract:

In order to effectively assess the risk of network risk, and to take effective prevention measures,

featuring with realtime and quantitative detection, a dangertheory and Antibodyconcentration based perception model for network risk is proposed. Based on dynamic selfsets, the mathematical model and dynamic equations for selftolerance and various antibody are

designed. The quantify description of antibody concentration is given. The candidate detector

is generated from both random and detector genelib. Furthermore, the vaccination

are introduced to enhance the active detection. Simulations are done to test the model. The

experiments prove that the model can detect the intrusion attacks effectively and evaluate the

risk of both host and network including each attack and the whole attacks. If the model is trans-formed properly, it also can be applied to the fields of virus detection and spam mail recognition.

Key words: artificial immune system, danger theory, network risk, real-time detection, a ntibody concentration

中图分类号:

TP393

柴争义刘芳. 应用危险理论的网络安全风险感知模型[J]. 北京邮电大学学报, 2010, 33(3): 40-43.

CHAI Zheng-yi; LIU Fang;.

A Perception Model for Network Risk Using Danger-Theory [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2010, 33(3): 40-43.

参考文献

[1] Visintine V. An introduction to information risk assessment. SANS Institute Journal, 2003, 8(5): 101-118.
[2] Chu C K, Chu M. An integrated framework for the assessment of network operations, reliability, and security[J]. Bell Labs Technical Journal, 2004, 8(4): 133-152.
[3] 王晓箴, 卢志刚, 刘宝旭. 结合OCTAVE和灰色系统的信息安全风险评估方法[J]. 北京邮电大学学报, 2009, 32(5): 128-131. Wang Xiaozhen, Lu Zhigang, Liu Baoxu. Algorithm of information security risk evaluation based on OCTAVE and grey system [J]. Journal of Beijing University of Posts and Telecommunications, 2009, 32(5): 128-131.
[4] 韦勇, 连一峰. 基于日志审计与性能修正算法的网络安全态势评估模型. 计算机学报, 2009, 32(4): 763-772. Wei Yong, Lian Yifeng. A network security situational awareness model based on log audit and performance correction[J]. Chinese Journal of Computer, 2009, 32(4): 763-772.
[5] Li Tao. An immunity based network security risk estimation[J]. Science in China Ser F Information Sciences, 2005, 48(5): 557-578.
[6] 彭凌西, 陈月峰. 基于危险理论的网络风险模型[J]. 电子科技大学学报, 2007, 36(6): 1198-1201. Peng Lingxi, Chen Yuefeng. Danger theory based network risk evaluation model. Journal of University of Electronic Science and Technology of China, 2007, 36(6): 1198-1201.
[7] Glickman M, Balthrop J, Forrest S. A machine learning evaluation of an artificial immune system[J]. Evolut Comput, 2008, 13(2): 179-212.
[8] Matzinger P. Danger model: a renewed sense of self[J]. Science, 2004, 296(5566): 301-305.
[9] Zhou Ji, Dasgupta D. Revisiting negative selection algorithm[J]. Evolutionary Computation Journal, 2007, 15(2): 123-139.
[10] Dasgupta D. Advances in artificial immune system[J]. IEEE Comp Intel Mag, 2008, 11(4): 4-9.
[11] Kim J, Bentley P. Immune memory and gene library evolution in dynamical clone selection algorithm[J]. Journal of Genetic Programming and Evolvable Machines, 2008, 5(4): 361-391.
[12] Li Tao. Dynamic detection for computer virus based on immune system [J]. Science in China Series F: Information Sciences, 2008, 51(10): 1475-1486.
[13] University of California. KDDLib. (2009-03-02). http://kdd.ics.uci.edu/databases/kddcup99.html.

应用危险理论的网络安全风险感知模型

A Perception Model for Network Risk Using Danger-Theory

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 3

编辑推荐

Metrics

本文评价

[1]	芦天亮, 郑康锋, 刘颖卿, 胡影, 武斌. 基于动态克隆选择算法的病毒检测模型[J]. 北京邮电大学学报, 2013, 36(3): 39-43.
[2]	马捷钟子发黄高明. 基于自适应变权免疫网络的电磁信号监测算法[J]. 北京邮电大学学报, 2012, 35(2): 59-63.
[3]	洪征, 吴礼发, 王元元. 应用改进的V-detector算法检测蠕虫[J]. 北京邮电大学学报, 2007, 30(2): 98-101.