为提高网络安全态势评估的准确率,增强稳定性与鲁棒性,提出一种基于改进选择性卷积核卷积神经网络和支持向量机的网络安全态势评估模型。首先,使用改进选择性卷积核代替传统卷积核进行特征提取,提高卷积神经网络感受野变化的自适应性,增强特征之间关联性。然后,将提取的特征输入到支持向量机中进行分类,并使用网格优化算法对支持向量机中的参数进行全局寻优。最后,根据网络攻击影响指标计算网络安全态势值。实验表明,基于改进选择性卷积核卷积神经网络和支持向量机的态势评估模型与传统的卷积神经网络搭建的态势评估模型相比,准确率更高,并且具有更强的稳定性和鲁棒性。
In order to improve the accuracy, stability, and robustness of network security situation assessment, a network security situation assessment model based on improved selective kernel convolutional neural network and support vector machine is proposed. Firstly,the traditional kernel for feature extraction is replaced with the improved selective kernel to enhance the adaptability of the convolutional neural network to changes in receptive field,thereby strengthening the correlation between features. Then, the extracted features are fed into the support vector machine for classification, and the grid optimization algorithm is used to optimize the parameters in the support vector machine globally. Finally, the network security situation value is calculated according to the network attack impact index.Experimental results show that the situation assessment model based on improved selective kernel convolutional neural network and support vector machine achieves higher accuracy,stronger stability and robustness compared to traditional convolutional neural networks.
[1] Mazurczyk W, Bisson P, Jover R P, et al. Challenges and novel solutions for 5G network security, privacy and trust [J]. IEEE Wireless Communications, 2020, 27(4):6-7.
[2] Bass T. Intrusion detection systems and multisensor data fusion [J]. Communications of the ACM, 2000, 43(4):99-105.
[3] 谢丽霞, 王志华. 基于布谷鸟搜索优化BP神经网络的网络安全态势评估方法[J]. 计算机应用, 2017, 37(7):1926-1930. Xie L X, Wang Z H. Network security situation assessment method based on cuckoo search optimized back propagation neural network [J]. Journal of Computer Applications, 2017, 37(7):1926-1930.
[4] 姜旭炜, 文志诚, 邓勇杰. 基于粗糙集神经网络的网络安全态势评估方法[J]. 湖南工业大学学报, 2015, 29(3):76-82. Jiang X W, Wen Z C, Deng Y J. Network security situation evaluation based on rough set and neural network [J]. Journal of Hunan University of Technology, 2015, 29(3):76-82.
[5] 王金恒, 单志龙, 谭汉松, 等. 基于遗传优化PNN神经网络的网络安全态势评估[J]. 计算机科学, 2021, 48(6):338-342. Wang J H, Shan Z L, Tan H S, et al. Network security situation assessment based on genetic optimized PNN neural network [J]. Computer Science, 2021, 48(6):338-342.
[6] 杨宏宇, 张梓锌, 张良. 基于并行特征提取和改进BiGRU的网络安全态势评估[J]. 清华大学学报(自然科学版), 2022, 62(5):842-848. Yang H Y, Zhang Z X, Zhang L. Network security situation assessments with parallel feature extraction and an improved BiGRU [J]. Journal of Tsinghua University (Science and Technology), 2022, 62(5):842-848. (in Chinese)
[7] 李欣, 段詠程. 基于改进隐马尔可夫模型的网络安全态势评估方法[J]. 计算机科学, 2020, 47(7):287-291. Li X, Duan Y C. Network security situation assessment method based on improved hidden Markov model [J]. Computer Science, 2020, 47(7):287-291. (in Chinese)
[8] Fukushima K. Neocognitron:a self-organizing neural network model for a mechanism of pattern recognition unaffected by shift in position [J]. Biological Cybernetics, 1980, 36(4):193-202.
[9] Lecun Y, Bottou L, Bengio Y, et al. Gradient-based learning applied to document recognition [J]. Proceedings of the IEEE, 1998, 86(11):2278-2324.
[10] Krizhevsky A, Sutskever I, Hinton G E. ImageNet classification with deep convolutional neural networks [J]. Communications of the ACM, 2017, 60(6):84-90.
[11] Lin M, Chen Q, Yan S. Network in network [C]//2nd International Conference on Learning Representations, 2014.
[12] Srivastava R K, Greff K, Schmidhuber J. Highway networks [DB/OL]. 2015[2022-03-25]. http://arxiv.org/abs/1505.00387.
[13] Szegedy C, Vanhoucke V, Ioffe S, et al. Rethinking the inception architecture for computer vision [C]//2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2016:2818-2826.
[14] Cortes C, Vapnik V. Support-vector networks [J]. Machine Learning, 1995, 20(3):273-297.
[15] Boser B E, Guyon I M, Vapnik V N. A training algorithm for optimal margin classifiers [C]//5th Annual Workshop on Computational learning theory, 1992:144-152.
[16] Platt J C. Fast training of support vector machines using sequential minimal optimization [M]. [S.l.]:The MIT Press, 1998.
[17] Li X, Wang W H, Hu X L, et al. Selective kernel networks [C]//2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), 2020:510-519.
[18] 李小涛. 基于深度学习的网络安全态势感知研究[D]. 西安:西安电子科技大学, 2021.
[19] Yang H, Zeng R, Xu G, et al. A network security situation assessment method based on adversarial deep learning [J]. Applied Soft Computing, 2021, 102:107096.
[20] CVSS. Common vulnerability scoring system v3.1:specification document [EB/OL]. [2022-03-25]. https://www.first.org/cvss/v3-1/cvss-v31-specification_r1.pdf.
[21] Doynikova E, Chechulin A, Kotenko I. Analytical attack modeling and security assessment based on the common vulnerability scoring system [C]//201720th Conference of Open Innovations Association (FRUCT), IEEE, 2017:53-61.
