基于评分卡—随机森林的云计算用户公共安全信誉模型研究

doi:10.11959/j.issn.1000-436x.2018085

通信学报 ›› 2018, Vol. 39 ›› Issue (5): 143-152.doi: 10.11959/j.issn.1000-436x.2018085

基于评分卡—随机森林的云计算用户公共安全信誉模型研究

周胜利^1,²,金苍宏³,吴礼发¹,洪征¹

¹ 陆军工程大学指挥控制工程学院，江苏南京 210007
² 浙江警察学院信息技术系，浙江杭州 310053
³ 浙江大学城市学院计算机与计算科学学院，浙江杭州 310015

修回日期:2018-04-18 出版日期:2018-05-01 发布日期:2018-06-01
作者简介:周胜利（1982-），男，浙江苍南人，陆军工程大学博士生，主要研究方向为云计算安全。|金苍宏（1982-），男，浙江绍兴人，博士，浙江大学城市学院讲师，主要研究方向为机器学习、云计算。|吴礼发（1968-），男，湖北蕲春人，博士，陆军工程大学教授，主要研究方向为大数据安全。|洪征（1979-），男，江西南昌人，博士，陆军工程大学副教授，主要研究方向为网络安全。
基金资助:
国家重点研发计划基金资助项目(2017YFB0802900);国家自然科学基金资助项目(U1509219);杭州市科技发展计划基金资助项目(20162013A08)

Research on cloud computing users’ public safety trust model based on scorecard-random forest

Shengli ZHOU^1,²,Canghong JIN³,Lifa WU¹,Zheng HONG¹

¹ Institute of Command and Control Engineering,Army Engineering University of PLA,Nanjing 210007,China
² Department of Information,Zhejiang Police College,Hangzhou 310053,China
³ School of Computer and Computing Science,Zhejiang University City College,Hangzhou 310015,China

Revised:2018-04-18 Online:2018-05-01 Published:2018-06-01
Supported by:
The National Key Research and Development Program of China(2017YFB0802900);The National Natural Science Foundation of China(U1509219);The Science ＆ Technology Development Project of Hangzhou(20162013A08)

摘要/Abstract

摘要：

传统云计算用户信誉的研究主要集中在对用户操作行为信誉评估，较少涉及用户发布文本信息的安全管理，并且存在指标筛选欠准确、信誉评估结果缺乏科学验证等问题，难以满足监管部门的实际需求。针对以上问题，提出基于评分卡—随机森林的云计算用户公共安全信誉模型。首先，利用Word2Vec和卷积神经网络进行公共安全标签分类；其次，采用评分卡方法，筛选强相关性指标；最后，结合随机森林算法，建立云计算用户公共安全信誉模型。实验分析表明，所建立的模型能够解决云计算公共安全监管中用户信誉指标筛选不准确和信誉区分准确性低等问题，能够有效识别有害用户，提高云计算用户监管效率。

关键词: 云计算安全, 安全监管, 评分卡, 随机森林, 卷积神经网络

Abstract:

Traditional cloud computing trust models mainly focused on the calculation of the trust of users’ behavior.In the process of classification and evaluation,there were some problems such as ignorance of content security and lack of trust division verification.Aiming to solve these problems,cloud computing users’ public safety trust model based on scorecard-random forest was proposed.Firstly,the text was processed using Word2Vec in the data preprocessing stage.The convolution neural network (CNN) was used to extract the sentence features for user content tag classification.Then,scorecard method was used to filter the strong correlation index.Meanwhile,in order to establish the users’ public safety trust evaluation model in cloud computing,a random forest method was applied.Experimental results show that the proposed users’ public safety trust evaluation model outperforms the general trust evaluation model.The proposed model can effectively distinguish malicious users from normal users,and it can improve the efficiency of the cloud computing users management.

Key words: cloud computing security, security regulation, scorecard, random forest, convolution neural network

中图分类号:

TP393

周胜利,金苍宏,吴礼发,洪征. 基于评分卡—随机森林的云计算用户公共安全信誉模型研究[J]. 通信学报, 2018, 39(5): 143-152.

Shengli ZHOU,Canghong JIN,Lifa WU,Zheng HONG. Research on cloud computing users’ public safety trust model based on scorecard-random forest[J]. Journal on Communications, 2018, 39(5): 143-152.

图/表 12

图1

表1

图2

表2

表3

模型评估指标"

评估指标	计算式	说明
准确率	$a c c u r a c y = \frac{T P + T N}{P + N}$	表示模型在测试集上的准确性，即模型正确分类的样本数所占比例
灵敏度	$s e n s i t i v e = \frac{T P}{P}$	正确判断的正样本的百分比
特异度	$s p e c i f i c i t y = \frac{T N}{N}$	正确判断的负样本的比例
精确率	$p r e c i s i o n = \frac{T P}{T P + F P}$	被标记为正样本的样本实际为正样本的比例
召回率	$r e c a l l = \frac{T P}{T P + F N} = \frac{T P}{P}$	是一个完全性度量，同灵敏度
F1值	$F 1 = \frac{2 p r e c i s i o n \cdot r e c a l l}{p r e c i s i o n + r e c a l l}$

表3

表4

表5

表6

图3

表7

图4

表8

参考文献 25

[1]	刘楠, 魏进武, 刘露 . 大数据交换信息链[J]. 电信科学, 2016,32(10): 130-136.
	LIU N , WEI J W , LIU L . Big data exchange based on information chain[J]. Telecommunications Science, 2016,32(10): 130-136.
[2]	周维, 路劲, 周可人 ,等. 基于并发跳表的云数据处理双层索引架构研究[J]. 计算机研究与发展, 2015,52(7): 1531-1545.
	ZHOU W , LU J , ZHOU K R ,et al. Concurrent skiplist based double-layer index framework for cloud data processing[J]. Journal of Computer Research and Devlopment, 2015,52(7): 1531-1545.
[3]	张常有, 邵立向, 李文清 ,等. 云服务的自组织机制及性能分析[J]. 中国通信, 2012,9(6): 135-144.
	ZHANG C Y , SHAO L X , LI W Q ,et al. Self organizing mechanism for cloud services and performance analysis[J]. China Communications, 2012,9(6): 135-144.
[4]	陈康, 郑纬民 . 云计算:系统实例与研究现状[J]. 软件学报, 2009,20(5): 1337-1348.
	CHEN K , ZHENG W M . Cloud computing:system instances and current research[J]. Journal of Software, 2009,20(5): 1337-1348.
[5]	王国峰, 刘川意, 潘鹤中 ,等. 云计算模式内部威胁综述[J]. 计算机学报, 2017,40(2): 296-316.
	WANG G F , LIU C Y , PAN H Z ,et al. Survey on insider threats to cloud computing[J]. Chinese Journal of Computers, 2017,40(2): 296-316.
[6]	李丙戌, 吴礼发, 周振吉 ,等. 基于信任的云计算身份管理模型设计与实现[J]. 计算机科学, 2014,41(10): 144-148.
	LI B X , WU L F , ZHOU Z J ,et al. Design and implementation of trust-based identity management model for cloud computing[J]. Computer Science, 2014,41(10): 144-148.
[7]	TIAN L Q , LIN C , YANG N . Evaluation of user behavior trust in cloud computing[C]// 2010 International Conference on Computer Application and System Modeling (ICCASM). 2010: 567-572.
[8]	苏铓, 李凤华, 史国振 . 基于行为的多级访问控制模型[J]. 计算机研究与发展, 2014,51(7): 1604-1613.
	SU M , LI F H , SHI G Z . Action-based multi-level access control model[J]. Computer Research and Development, 2014,51(7): 1604-1613.
[9]	周茜, 于炯 . 云计算下基于信任的防御系统模型[J]. 计算机应用, 2011,31(6): 1531-1535.
	ZHOU Q , YU J . Defense system model based on trust for cloud com-puting[J]. Computer Application, 2011,31(6): 1531-1535.
[10]	LI X Y , GUI X L , MAO Q ,et al. Adaptive dynamic trust measurement and prediction model based on behavior monitoring:adaptive dynamic trust measurement and prediction model based on behavior monitor-ing[J]. Chinese Journal of Computers, 2009,32(4): 664-674.
[11]	杨家兴 . 复杂网络安全态势评估模型仿真分析[J]. 计算机仿真, 2013,30(8): 289-292.
	YANG J X . Simulation analysis of complex network security situation assessment model[J]. Computer Simulation, 2013,30(8): 289-292.
[12]	毛建景, 张凯萍 . 云计算环境下海量用户行为信任评估模型[J]. 计算机仿真, 2016,33(3): 385-388.
	MAO J J , ZHANG K P . Behavior trust evaluation model for massive users under cloud computing environment[J]. Computer Simulation, 2016,33(3): 385-388.
[13]	丁世飞, 张健, 张谢锴 ,等. 多分类孪生支持向量机研究进展[J]. 软件学报, 2018,29(1): 89-108.
	DING S F , ZHANG J , ZHANG X K ,et al. Survey on multi class twin support vector machines[J]. Journal of Software, 2018,29(1): 89-108.
[14]	WANG S C , XU G L , DU R J . Restricted Bayesian classification networks[J]. Science China(Information Sciences), 2013,56(7): 210-224.
[15]	LAM H K , EKONG U , LIU H B ,et al. A study of neural-network-based classifiers for material classification[J]. Neurocomputing, 2014: 144.
[16]	HINTON G E , . Learning distributed representations of concepts[C]// The 8th Annual Conference of the Cognitive Science Society. 1986: 1-12.
[17]	MIKOLOV T , CHEN K , CORRADO G ,et al. Efficient estimation of word representations in vector space[J]. Computer Science, 2013: 1-12.
[18]	KIM Y , . Convolutional neural networks for sentence classification[C]// The 2014 Conference on Empirical Methods in Natural Language Processing. 2014: 1746-1751.
[19]	STILO G , VELARDI P . Efficient temporal mining of micro-blog texts and its application to event discovery[J]. Data Mining and Knowledge Discovery, 2016,30(2): 372-402.
[20]	KENNETH A C , MICHAEL E S . Debit,credit,or cash:survey evidence on gasoline purchases[J]. Journal of Economics and Business, 1999,51(5): 409-421.
[21]	WIGINTON J C.A . note on the comparison of logit and discriminant models of consumer credit behavior[J]. Journal of Financial and Quan-titative Analysis, 1980,15: 757-770.
[22]	MAKOWSKI P . Credit scoring branches out[J]. Credit World, 1985,75: 30-37.
[23]	CARTER C , CATLETT J . Assessing credit card application using machine learning[J]. IEEE Expert Magazine, 1987,2(3): 71-79.
[24]	WANG G , HAO J , MA J ,et al. A comparative assessment of ensemble learning for credit scoring[J]. Expert Systems with Applications , 2011,38(1): 223-230.
[25]	GARETH J , DANIELA W , TREVOR H ,et al. Anintroduction to statistical learning with application in R[M]// An Introduction to Satis-tical Learning. 2013: 78-129.

用户公共安全信誉级别	用户行为危险级别
优	正常
良	低危
中	中危
差	高危

IV值	影响效果
< 0.02	对预测变量几乎无影响，不保留
0.02~0.1	对预测变量有一定影响，可保留
0.1~0.3	对预测变量有较大影响，可保留
0.3~0.5	对预测变量有很大影响，可保留
> 0.5	不现实，不保留

敏感话题	TP	TN	FP	FN	准确率	灵敏度	特异度	精确率	F1
A	97	1 634	3	2	0.997 11	0.979 79	0.998 16	0.970 00	0.974 87
B	93	1 637	2	4	0.996 54	0.958 76	0.998 77	0.978 94	0.968 75
C	96	1 634	4	2	0.996 54	0.979 59	0.997 55	0.960 00	0.969 69
D	71	1 662	2	1	0.998 27	0.986 11	0.998 79	0.972 60	0.979 31
E	96	1 634	4	2	0.996 54	0.979 59	0.997 55	0.960 00	0.969 69
F	78	1 648	2	8	0.994 23	0.906 97	0.998 78	0.975 00	0.939 75
G	96	1 634	4	2	0.996 54	0.979 59	0.997 55	0.960 00	0.969 69
H	97	1 625	13	1	0.991 93	0.989 79	0.992 06	0.881 81	0.932 69
I	93	1 623	9	11	0.988 47	0.894 23	0.994 48	0.911 76	0.902 91
J	87	1 636	3	10	0.992 51	0.896 90	0.998 16	0.966 66	0.930 48
K	88	1 605	30	13	0.975 23	0.871 28	0.981 65	0.745 76	0.803 65
L	83	1 646	3	4	0.995 96	0.954 03	0.998 18	0.965 11	0.959 53
M	90	1 636	4	6	0.994 23	0.937 50	0.997 56	0.957 44	0.947 36
N	78	1 633	2	23	0.985 59	0.772 27	0.998 77	0.975 00	0.861 87
O	95	1 633	5	3	0.995 39	0.969 38	0.996 94	0.950 00	0.959 59
P	105	1 625	3	3	0.996 54	0.972 22	0.998 15	0.972 22	0.972 22
Q	97	1 633	3	3	0.996 54	0.970 00	0.998 16	0.970 00	0.970 00
R	96	1 634	4	2	0.996 54	0.979 59	0.997 55	0.960 00	0.969 69

区间	WOE	总数	正例数	负例数	区间占比	正例占比	负例占比
(?∞,1]	?1.399	111	36	75	14.07%	6.91%	27.99%
(1,3]	?1.054	52	21	31	6.59%	4.03%	11.57%
(3,8]	?0.25	93	56	37	11.79%	10.75%	13.81%
(76,109]	?0.207	80	49	31	10.14%	9.4%	11.57%
(8,12]	0.104	60	41	19	7.6%	7.87%	7.09%
(109,194]	0.207	78	55	23	9.89%	10.56%	8.58%
(43,76]	0.207	78	55	23	9.89%	10.56%	8.58%
(12,26]	0.945	84	70	14	10.65%	13.44%	5.22%
(26,43]	1.445	74	66	8	9.38%	12.67%	2.99%
(194,+∞)	1.666	79	72	7	10.01%	13.82%	2.61%

指标名称	中文解释	类型	分箱方法	IV
bad_total	负面占比	double	等频	0.363
middle_total	中性占比	double	等频	0.446
good_total	正面占比	double	等频	1.454
cnt_bad	负面句子数	bigint	等频	0.363
sum_sentence	句子总数	bigint	等频	0.700
cnt_middle	中性句子数	bigint	等频	0.521
cnt_good	正面句子数	bigint	等频	1.225

基于评分卡—随机森林的云计算用户公共安全信誉模型研究

Research on cloud computing users’ public safety trust model based on scorecard-random forest

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 12

参考文献 25

相关文章 15

Metrics

推荐阅读 0

敏感话题	预测值
敏感话题	A	B	C	D	E	F	G	H	I	J	K	L	M	N	O	P	Q	R
A	97	0	0	0	0	0	0	1	0	0	1	0	0	0	0	0	0	0
B	0	93	0	0	1	0	0	1	0	0	0	0	1	0	0	1	0	0
C	0	0	96	0	0	0	0	0	0	0	0	0	1	0	1	0	0	0
D	0	0	0	71	0	0	0	0	0	0	0	0	0	0	1	0	0	0
E	0	0	0	0	96	0	0	0	0	0	0	1	0	0	0	0	1	0
F	0	0	2	1	0	78	0	0	0	0	0	0	0	0	1	0	0	4
G	1	0	0	0	1	0	96	0	0	0	0	0	0	0	0	0	0	0
H	0	0	0	0	0	0	0	97	0	0	0	0	0	0	0	0	1	0
I	0	1	0	1	0	0	0	0	93	0	7	0	0	1	1	0	0	0
J	0	0	0	0	0	0	0	0	9	87	0	1	0	0	0	0	0	0
K	0	1	0	0	0	0	1	9	0	0	88	1	0	0	0	0	1	0
L	0	0	0	0	0	0	1	1	0	0	0	83	0	1	1	0	0	0
M	0	0	1	0	0	1	0	0	0	3	1	0	90	0	0	0	0	0
N	1	0	0	0	0	0	1	0	0	0	20	0	0	78	0	1	0	0
O	0	0	0	0	0	1	0	1	0	0	0	0	1	0	95	0	0	0
P	1	0	0	0	1	0	1	0	0	0	0	0	0	0	0	105	0	0
Q	0	0	1	0	0	0	0	0	0	0	0	0	1	0	0	1	97	0
R	0	0	0	0	1	0	0	0	0	0	1	0	0	0	0	0	0	96

分类值	正确个数/个	错误个数/个	总计/个	正确率	召回率	F1指标
1	1 340	503	1 843	72.7%	47.4%	57.4%
0	14 430	1 490	15 920	90.6%	96.6%	93.5%

[1]	李昂, 陈建新, 魏昕, 周亮. 面向6G的跨模态信号重建技术[J]. 通信学报, 2022, 43(6): 28-40.
[2]	王晓丹, 李京泰, 宋亚飞. DDAC：面向卷积神经网络图像隐写分析模型的特征提取方法[J]. 通信学报, 2022, 43(5): 68-81.
[3]	廖育荣, 王海宁, 林存宝, 李阳, 方宇强, 倪淑燕. 基于深度学习的光学遥感图像目标检测研究进展[J]. 通信学报, 2022, 43(5): 190-203.
[4]	张帆, 黄赟, 方子茁, 郭威. 卷积神经网络的损失最小训练后参数量化方法[J]. 通信学报, 2022, 43(4): 114-122.
[5]	朱政宇, 侯庚旺, 黄崇文, 孙钢灿, 郝万明, 梁静. 基于并行CNN的RIS辅助D2D保密通信系统资源分配算法[J]. 通信学报, 2022, 43(3): 172-179.
[6]	安泽亮, 张天骐, 马宝泽, 邓盼, 徐雨晴. 基于一维CNN的多入多出OSTBC信号协作调制识别[J]. 通信学报, 2021, 42(7): 84-94.
[7]	王洪雁, 张莉彬, 陈国强, 汪祖民, 管志远. 结合粒子滤波及度量学习的目标跟踪方法[J]. 通信学报, 2021, 42(5): 98-110.
[8]	司念文, 张文林, 屈丹, 常禾雨, 李盛祥, 牛铜. 基于对抗补丁的可泛化的Grad-CAM攻击方法[J]. 通信学报, 2021, 42(3): 23-35.
[9]	高红民, 曹雪莹, 陈忠昊, 花再军, 李臣明, 陈月. 基于多尺度近端特征拼接网络的高光谱图像分类方法[J]. 通信学报, 2021, 42(2): 92-102.
[10]	杨军,党吉圣. 基于上下文注意力CNN的三维点云语义分割[J]. 通信学报, 2020, 41(7): 195-203.
[11]	高红民,曹雪莹,杨耀,花再军,李臣明. 基于CNN的双边融合网络在高光谱图像分类中的应用[J]. 通信学报, 2020, 41(11): 132-140.
[12]	张猛,孙昊良,杨鹏. 基于改进卷积神经网络识别DNS隐蔽信道[J]. 通信学报, 2020, 41(1): 169-179.
[13]	吴志军,周胜琰,雷缙. 基于态势感知的SWIM服务权限主动移交模型[J]. 通信学报, 2019, 40(8): 123-132.
[14]	周鑫,何晓新,郑昌文. 基于图像深度学习的无线电信号识别[J]. 通信学报, 2019, 40(7): 114-125.
[15]	刘琳岚,高声荣,舒坚. 基于随机森林的链路质量预测[J]. 通信学报, 2019, 40(4): 202-211.