| With the development of network and wide application of a variety of network technologies, network being involved in all aspects of daily life has become an indispensable information carrying platform and communication tools. At the same time, network security is facing serious threat, and the study of network security situation is becoming an important development direction of the study of network security. The central position of backbone communication network determines that its security situation awareness is important. To ensure the continuous and safe operation of the backbone communication network, we should be in control of the overall states of the backbone communication network. To prevent the security event which may result in the paralysis of the network ahead of time and respond in time, we should have the ability in forecasting the near future states of the network.The traditional security situation assessment mainly analyzes user behavior, application behavior and network behavior elaborately. The large scale capacity of the backbone communication network determines that it is impossible to analyze user behavior and application behavior real-timely in the backbone communication network. It is difficult to assess and predict the security situation of the backbone communication real-timely by the traditional method. As a result, the security situation assessment in the backbone communication network can not copy the method which is used in user network completely, and the object we mainly focus on is the key characteristics of network traffic. The main contents of this article include the assessment method and the prediction of the backbone communication network.Firstly, aiming at the large scale capacity of backbone network, we analyze extracting traffic feature hierarchically and calculate traffic feature'entropy. As a result, we find the analysis is in a relatively coarse level.Secondly, aiming at the backbone communication network traffic having a small part of abnormal one, we classified the network traffic, and then the abnormal one is in front of us obviously.Thirdly, we consider the network traffic as evidences in Evidence Theory in abstract, and fuse it in light of the thought of the Evidence Theory. And in detail, we used three programs in the assessment, compared these programs in combined with the manual analysis, as a result, we find the program which combined the Evidence Theory with principal components analysis is the best program in assessing the security situation of the backbone communication network.Fourthly, aiming at the regular traffic characteristic parameters of backbone communication network, this paper presents a backbone communication network security situation prediction method. This method first chooses key flow characteristic parameters, and then forecasts the traffic characteristic parameters, finally predicts the backbone communications network security situation. In the process of forecasting, we used three methods. We compared these three methods in the next experiment and find ARMA is the best one in predicting the backbone communications network security situation. |
PDF Full Text Request