Dynamic Risk Assessment Method Of Network Risk Based On Hidden Markov New State Transfer Mechanism

The network brings convenience to people and also creates security risks.A large amount of private data,confidential data,etc.are spread in the network,making network security issues increasingly prominent.This topic combines attack behavior detection and network risk assessment in the network to monitor the security threat status and network risk value of the network.In the network,the low detection accuracy of small sample categories and the unobservability of network security threat status have always been important issues to be solved in the field of network security research.Therefore,in order to solve the above problems,the main research of this paper is as follows:First,when multi-classifying access data in the network,the high-invasion behavior in the network cannot be accurately detected due to the low detection accuracy of small sample data Therefore,a second-class multi-classification model based on SVM-RF is proposed which to perform abnormal data classification detection.This model is used to eliminate a large amount of normal data to reduce the interference of abnormal category detection during classification.Secondly,the previous HMM risk assessment study did not consider the offensive and defensive relationship in the state transition process.In order to make a reasonable and accurate risk assessment of the network and make the state of unobservable security threats in the network visible,a network risk assessment method based on HMM model is proposed.This approach combines network security with the HMM model and improves the implicit state transition mechanism.The offensive and defensive game ideas are integrated into the security threat state transfer process,and the influencing factors of attack and defense are analyzed to be used to make a reasonable assessment of network risks.Thirdly,the data multi-classification detection is combined with the risk assessment.The alarm response generated by the multi-category detection to classify the access behaviors in the network is used as the observation sequence of the risk assessment,thereby uniformly and comprehensively monitoring the network attack behavior and risk.Finally,the established model is tested in the Python language on the Windows platform to verify the rationality and effectiveness of the model.