Research On Active-Passive Combined Sensing And Intelligent Prediction Of Network Topology In Non-Cooperative Cyberspace

Non-cooperative cyberspace refers to cyberspace in which network users,facilities,data,and activities do not cooperate with the situational awareness party,which is ubiquitous in the real world.The topology of the non-cooperative network is an important basis for the development of reconnaissance and surveillance,security defense,and attack decision-making.Network topology awareness has made great progress in data acquisition and fusion analysis.In recent years,with the rise of graph neural networks(GNNs),the related research on network structure has been further expanded.However,in the process of non-cooperative network sensing,the awareness party cannot obtain the complete topology of the target network due to various constraints such as geographic location,signal reception conditions,information encryption,and detection cost,leading to structure missing and uncertainties.Existing methods are inadequate in incomplete structural processing,hidden information mining and multi-means measurement fusion.To address these problems,this dissertation focuses on the whole process of network topology awareness in non-cooperative networks.Firstly,the impact of structure missing introduced by non-cooperative sensing is investigated,then network completion is carried out from two perspectives: one is based on passive detection data;the second is based on the combination of active and passive measurements,and finally,vital nodes using relatively complete topology are identified.The main innovations and contributions of this dissertation are as follows:1.To address the problem of unknown impact of incomplete network structure brought by non-cooperative probing,this dissertation establishes a framework for impact assessment of missing structure.The framework models noncooperative detection as network sampling,and a systematic evaluation is carried out on four sampling methods and three types of structural analysis tasks using graph neural networks.The framework shows that GNNs can still be applied on single static networks under graph sampling scenarios,and simpler GNN models are able to outperform more sophisticated ones in a fairly experimental procedure.More importantly,the framework finds that completing the sampled subgraph does improve the performance of downstream tasks.2.To address the problem of network completion under non-uniform structural missing,this dissertation proposes a novel unified deep graph convolutional network that infers missing edges by leveraging node labels,features,and distances.Specifically,it first constructs an estimated network topology for the unobserved part using node labels,then jointly refines the network topology and learns the edge likelihood with node labels,node features and distances.The method makes full use of the implicit structure information in the sensing data,progressively improves the structure prediction performance,reduces the uncertainty caused by non-cooperative sensing,and achieves high accuracy of completion.The method is consistent with realistic perceptual conditions and can adapt to uniform missing scenarios.3.To address the limitations of passive detection in non-cooperative network topology awareness,this dissertation proposes an optimal deployment strategy of active detection nodes from the perspective of combining active and passive measurements to further reduce structural uncertainty.Firstly,the structure awareness capability of active detection nodes is abstractly modeled as shortest path coverage.Aiming at the high time complexity problem brought by direct solution,the shortest path coverage is converted into shortest path distance query,and a million-node scale network can be solved within milliseconds by combining half-estimation and edge sampling optimizations.Then,based on the shortest path coverage on the deterministic networks,an active node deployment method based on sampling average is proposed for the probabilistic topology space obtained by network completions.Aiming at the problems of large search space and high computational complexity,an optimization method combining Monte Carlo sampling and dynamic shortest path distance calculation is proposed,which realizes the high-precision and fast solution of active detection nodes deployment.4.To address the application of network topology in vulnerability analysis,this dissertation proposes a vital nodes identification method in load networks from the perspective of network attack.Based on the obtained relatively complete topology,the network attack is modeled as a load network cascading failure problem,and the concept of load percolation is proposed,the load percolation model in the cascading failure problem is constructed,and vital nodes identifying method based on load percolation is proposed,which achieves high accurate identification of vulnerable node sets.