Research On Intrusion Detection With Vulnerability Analysis And Prediction For Situation Awareness

With the continuous development of electronic information technology,the Internet plays an increasingly important role in social life.However,the ensuing network security problems are layered.Countries,enterprises and individuals adopt and constantly update legal and technological means to respond actively.Traditional network security defense technology often only focuses on a certain problem in the whole network environment for passive defense.Due to the lack of interconnection among various passive defense measures,it is difficult to form an organic defense overall,and it is more difficult to evaluate future network security trends.The concept of network security situational awareness arises at the historic moment when the physical scale of the network is expanding and the logical structure is becoming more and more diverse.The main research contents of this paper can be summarized as the following:1.Taking the intrusion detection system as the foothold,this paper studies the network security situation assessment,combs the theoretical framework of intrusion detection methods,and proposes an intrusion detection method based on regression model,which belongs to induction classification method,aiming at the difficulty of existing methods in effectively detecting unknown intrusion types.With risk level as the situation indicator,the method in this paper was verified by grouping experiments with open data set ADFA IDS Datasets.The results of grouping experiments show that the accuracy rate of situation assessment obtained by using this method is between 83% and 94%.Compared with other intrusion detection methods,situation assessment is more effective when the risk level is higher.2.The security vulnerability analysis and prediction as the foothold,research network security situation prediction for single method of security vulnerability prediction accuracy is relatively low,put forward a smoothing and similarity based on the markov method to predict the number of holes,mainly using the mathematical induction to the rationality of the method involves a number of steps to be strictly proved.Based on risk level trend indicators,organizing by the China National Vulnerability Database,84 issued by the information security vulnerabilities,extract data from form data sets,for grouping method in this paper,the experimental verification,grouping the experimental results show that using the method of situation prediction accuracy between 93% and 95%,compared with other commonly used prediction algorithm increases by about 7% to 15%.