在网络空间要素预测过程中加入地理空间特征,可实现时空预测网络空间要素。针对网络安全要素预测过程中少有结合网络数据地理空间特征的研究现状,选择有地理空间特征的网络漏洞检测数据,构造网络漏洞时空数据集,通过构建结合图卷积和门控时间卷积的时空图卷积模型,实现网络漏洞态势发展的预测。选取 ARIMA 和 LSTM 时序预测模型进行对比实验,提出的网络漏洞时空图卷积预测模型在MAE、RMSE和MAPE的评价标准下显示有着更好的预测效果。
In view of the increasingly serious problem of network security, geographical space features are added into the prediction process to realize spatio-temporal prediction of network space elements in this study. Considering the research status that network data are often rarely combined with geospatial characteristics in the prediction process of network security elements, network vulnerability detection data with geospatial characteristics are also selected to construct the spatio-temporal data set of network vulnerabilities. By constructing a spatio-temporal graph convolution model combining graph convolution and gated time convolution, the development of network vulnerability situation can be predicted. ARIMA and LSTM temporal prediction models are selected for comparative experiments, and the proposed network vulnerability spatio-temporal graph convolution prediction model shows better prediction effect under MAE, RMSE and MAPE evaluation criteria.
[1] 张焕国, 韩文报, 来学嘉, 等 . 网络空间安全综述[J]. 中国科学: 信息科学, 2016, 46(2): 125-164.
[2] 龚俭, 臧小东, 苏琪, 等 . 网络安全态势感知综述[J]. 软件学报, 2017, 28(4): 1010-1026.
[3] 肖喜生, 龙春, 彭凯飞, 等. 基于人工智能的安全态势预测技术研究综述[J]. 信息安全研究, 2020, 6(6): 506-513.
[4] 席荣荣, 云晓春, 金舒原, 等. 网络安全态势感知研究综述[J]. 计算机应用, 2012, 32(1): 1-4.
[5] Endsley M R. Design and evaluation for situation awareness enhancement[C]//Proceedings of the Human Factors Society annual Meeting. Los Angeles, CA: Sage Publications, 1988, 32(2): 97-101.
[6] Bass T. Multisensor data fusion for next generation distributed intrusion detection systems[C]//Proceedings of the IRIS National Symposium on Sensor and Data Fusion. Laurel, MD: Citeseer, 1999, 24(28): 24-27.
[7] Man D, Wang Y, Yang W, et al. A combined prediction method for network security situation[C]//2010 International Conference on Computational Intelligence and Software Engineering. Wuhan, China: IEEE, 2010: 1-4.
[8] Wang Y, Li W, Liu Y. A forecast method for network security situation based on fuzzy Markov chain[J]. Lecture Notes in Electrical Engineering, 2014(260): 953-962.
[9] Liang W, Long J, Chen Z, et al. A security situation prediction algorithm based on HMM in mobile network[J]. Wireless Communications and Mobile Computing, 2018, 2018: 1-11.
[10] 李欣, 段詠程 . 基于改进隐马尔可夫模型的网络安全态势评估方法[J]. 计算机科学, 2020, 47(7): 287-291.
[11] 孙卫喜 . 用于网络安全态势预测的粒子群与支持向量机算法研究[J]. 计算机应用与软件, 2019, 36(6): 308-316.
[12] Lu H, Zhang G, Shen Y. Cyber security situation prediction model based on GWO-SVM[C]//13rd International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing. Cham: IEEE, 2019: 162-171.
[13] Hu J, Ma D, Liu C, et al. Network security situation prediction based on MR-SVM[J]. IEEE Access, 2019, 7: 130937-130945.
[14] Xiao P, Xian M, Wang H. Network security situation prediction method based on MEA-BP[C]//2017 3rd International Conference on Computational Intelligence & Communication Technology (CICT). Chengdu, China: IEEE, 2017: 1-5.
[15] Zhang X, Ye Z, Yan L, et al. Security situation prediction based on hybrid rice optimization algorithm and back propagation neural network[C]//2018 IEEE 4th International Symposium on Wireless Systems within the International Conferences on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS-SWS). Lviv, Ukraine: IEEE, 2018: 73-77.
[16] 胡昕 . 基于 RNN 的网络安全态势预测方法[J]. 现代计算机, 2017(6): 14-16.
[17] Feng W, Wu Y, Fan Y. A new method for the prediction of network security situations based on recurrent neural
network with gated recurrent unit[J]. International Journal of Intelligent Computing and Cybernetics, 2020, 13(1): 25-39.
[18] Fang X, Xu M, Xu S, et al. A deep learning framework for predicting cyber attacks rates[J]. EURASIP Journal on Information Security, 2019, 2019(1): 1-11.
[19] Fan S, Wu S, Wang Z, et al. Aleap: Attention-based LSTM with event embedding for attack projection[C]//2019 IEEE 38th International Performance Computing and Communications Conference (IPCCC). London, UK: IEEE, 2019: 1-8.
[20] Kishioka K, Hongyo K, Kimura T, et al. Prediction method of infection spreading with CNN for self-evolving botnets[C]//2018 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC). Hawaii, USA: IEEE, 2018: 1810-1815.
[21] 何春蓉, 朱江, 张欣. 基于复杂样本的安全态势要素分类架构[J]. 重庆邮电大学学报(自然科学版), 2022, 34(4): 719-727.
[22] 高春东, 郭启全, 江东, 等 . 网络空间地理学的理论基础与技术路径[J]. 地理学报(英文版), 2019, 29(12): 1949-1964.
[23] 郭启全, 高春东, 孙开锋, 等 . 基于“人-地-网”关系的网络空间要素层次体系建设[J]. 地理研究, 2021, 40(1): 109-118.
[24] 王奕钧 . 网络空间地理图谱在城市网络安全综合管控中的应用研究[J]. 信息安全研究, 2022, 8(8): 801-811.
[25] Henaff M, Bruna J, Lecun Y. Deep convolutional networks on graph-structured data[J]. arXiv preprint, 2015, arXiv: 1506.05163.
[26] Bai S, Kolter J Z, Koltun V. An empirical evaluation of generic convolutional and recurrent networks for sequence modeling[J]. arXiv preprint, 2018, arXiv: 1803.01271, 2018.
