计算机应用研究2013,Vol.30Issue(9):2767-2771,5.DOI:10.3969/j.issn.1001-3695.2013.09.052
基于贝叶斯网络的内部威胁预测研究
Research of predicting insider threat based on Bayesian network
摘要
Abstract
Internal network brings convenience for corporate office,but increasing threats are also brought into enterprises.Insider threat causes great harm to enterprises,and is difficult to detect,so it is urgently to be solved.This paper put forward a predictive model of insider threat based on Bayesian network attack graphs.It considered the behaviors in attacking process as research objects,and considered the resources and operation sequence as nodes,established Bayesian network attack graphs.It described the different attack paths and attack state in the process of attacking by Bayesian network attack graphs,and used Bayesian network inference algorithm to calculate the risk probability of insider threat.In Bayesian network attack graphs,the concepts of meta-operation,atomic attack and intrusion evidence were defined,and node variable,its value and conditional probability distribution were quantified.Based on the improved likelihood weighted algorithm,the calculation of Bayesian network parameters is easier,and the prediction of insider threat is more accurate.Ultimately,by simulation experiment,it is proved that the modeling speed is fast,the process of calculation is simple,the result is exact,and it is valid and applicative in predicting insider threat.关键词
内部威胁/贝叶斯网络/网络攻击图/似然加权法Key words
insider threat/ Bayesian network/ network attack graphs/ likelihood weighted algorithm分类
信息技术与安全科学引用本文复制引用
王辉,杨光灿,韩冬梅..基于贝叶斯网络的内部威胁预测研究[J].计算机应用研究,2013,30(9):2767-2771,5.基金项目
国家自然科学基金资助项目(51174263) (51174263)
河南省教育厅自然科学基金资助项目(2011B520015) (2011B520015)
河南理工大学博士基金资助项目(B2010-61) (B2010-61)
河南省社科联基金资助项目(SKL-2012-849) (SKL-2012-849)
