复杂网络环境下面向威胁监测的采集策略精化方法

doi:10.11959/j.issn.1000-436x.2019096

Abstract

Abstract:

Personalized collect policy is one of the necessary conditions for effectively monitoring threats in the complex network environment.However,differences in security requirements and threat types make it difficult to effectively generate personalized collect policy.To address the above problem,a collection policy automatic refinement method was designed.Firstly,a hierarchical model of collection policy was proposed.Then,by transforming the policy refinement into a nonlinear optimization problem,a genetic algorithm was designed to balance between collection revenue and collection cost.Finally,simulation experiments verify that according to the requirements of high-level monitoring,the acquisition scheme can be automatically generated.

Key words: data collection, threat monitoring, policy refinement, hybrid optimization

CLC Number:

TP302

Fenghua LI,Zifu LI,Ling LI,Ming ZHANG,Kui GENG,Yunchuan GUO. Collection policy refining method for threat monitoring in complex network environment[J]. Journal on Communications, 2019, 40(4): 49-61.

Figures/Tables 11

References 32

[1]	李凤华, 熊金波 . 复杂网络环境下访问控制技术[M]. 北京: 人民邮电出版社, 2015.
	LI F H , XIONG J B . Access control technology in complex network environment[M]. Beijing: Posts ＆ Telecom PressPress, 2015.
[2]	PADHY P , DASH R K , MARTINEZ K ,et al. A utility-based sensing and communication model for a glacial sensor network[C]// The 5th International Joint Conference on Autonomous Agents and Multi-agent Systems. 2016: 1353-1360.
[3]	曾文序, 库少平, 郑浩 . 基于旋转门算法的自适应变频数据采集策略[J]. 计算机应用研究, 2018,35(3): 769-772.
	ZENG W X , KU S P , ZHENG H . Strategy of self-adaptive frequency conversion data acquisition based on swing door trending algorithm[J]. Application Research of Computers, 2018,35(3): 769-772.
[4]	张斌, 朱建涛, 徐曌 . 基于动态频率算法的远程监控系统数据采集优化策略[J]. 微电子学与计算机, 2016,33(8): 86-91.
	ZHANG B , ZHU J T , XU Z . Data gathering optimization strategy based on dynamic frequency algorithm for remote monitoring system[J]. Microelectronics ＆ Computer, 2016,33(8): 86-91.
[5]	MAULLO M , CALO S . Policy management:an architecture and approach[C]// The 1st International Workshop on Systems Management. 1993: 13-26.
[6]	MONT M C , BALDWIN A , GOH C . Power prototype:towards integrated policy-based management[C]// IEEE/IFIP Network Operations and Management Symposium. 2000: 789-802.
[7]	ALBUQUERQUE J P D , KRUMM H , GEUS P L D ,et al. Scalable model-based configuration management of security services in complex enterprise networks[J]. Software:Practice and Experience, 2011,41(3): 307-338.
[8]	ALBUQUERQUE J P D , KRUMM H , GEUS P L D . Formal validation of automated policy refinement in the management of network security systems[J]. International Journal of Information Security, 2010,9(2): 99-125.
[9]	ROMEIKAT R , BAUER B . Specification and refinement of domain-specific ECA policies[C]// International Conference on Advanced Information Systems Engineering Workshops. 2011: 197-206.
[10]	NEISSE R , STERI G , GENEIATAKIS D ,et al. A privacy enforcing framework for Android applications[J]. Computers ＆ Security, 2016,62: 257-277.
[11]	RUDOLPH M , FETH D , DOERR J ,et al. Requirements elicitation and derivation of security policy templates—an Industrial case study[C]// The 24th International Requirements Engineering Conference. 2016: 283-292.
[12]	GUARDA P , RANISE S , SISWANTORO H . Security analysis and legal compliance checking for the design of privacy-friendly information systems[C]// The 22nd ACM on Symposium on Access Control Models and Technologies. 2017: 247-254.
[13]	RUDOLPH M , MOUCHA C , FETH D . A framework for generating user and domain-tailored security policy editors[C]// The 24th International Requirements Engineering Conference Workshops. 2016: 56-61.
[14]	BEIGI M S , CALO S , VERMA D . Policy transformation techniques in policy-based systems management[C]// The 5th IEEE International Workshop on Policies for Distributed Systems and Networks. 2004: 1-10.
[15]	HAN W , FANG Z , YANG L T ,et al. Collaborative policy administration[J]. IEEE Transactions on Parallel and Distributed Systems, 2014,25(2): 498-507.
[16]	UDUPI Y B , SAHAI A , SINGHAL S . A classification-based approach to policy refinement[C]// The 10th IFIP/IEEE International Symposium on Integrated Network Management. 2007: 785-788.
[17]	RIEKSTIN A C , JANUáRIO G C , RODRIGUES B B ,et al. Orchestration of energy efficiency capabilities in networks[J]. Journal of Network and Computer Applications, 2016,59: 74-87.
[18]	SCHEID E J , MACHADO C C , FRANCO M L ,et al. INSpIRE:integrated NFV-based intent refinement environment[C]// IFIP/IEEE Symposium on Integrated Network and Service Management. 2017: 186-194.
[19]	RANA A I , JENNINGS B . Semantic aware processing of user defined inference rules to manage home networks[J]. Journal of Network and Computer Applications, 2017,79: 68-87.
[20]	MACHADO C C , WICKBOLDT J A GRANVILLE L Z ,et al. ARKHAM:an advanced refinement toolkit for handling service level agreements in Software-Defined Networking[J]. Journal of Network and Computer Applications, 2017,90: 1-16.
[21]	RIEKSTIN A C , JANUáRIO G C , RODRIGUES B B ,et al. A survey of policy refinement methods as a support for sustainable networks[J]. IEEE Communications Surveys and Tutorials, 2016,18(1): 222-235.
[22]	AZIZ B . Modelling fine-grained access control policies in grids[J]. Journal of Grid Computing, 2016,14(3): 477-493.
[23]	BANDARA K , LUPU E C , RUSSO A . Using event calculus to formalise policy specification and analysis[C]// The 4th International Workshop on Policies for Distributed Systems and Networks. 2003: 26-39.
[24]	CRAVEN R , LOBO J , LUPU E ,et al. Policy refinement:decomposition and operationalization for dynamic domains[C]// The 7th International Conference on Network and Services Management. 2011: 115-123.
[25]	RUBIO-LOYOLA J . Towards the policy refinement problem in policy-based management systems[M]. Saarbrücken: VDM VerlagPress, 2008.
[26]	LEIGHTON G , BARBOSA D . Access control policy translation,verification,and minimization within heterogeneous data federations[J]. ACM Transactions on Information and System Security, 2011,14(3): 1-28.
[27]	JOHNSON M , KARAT J , KARAT C M ,et al. Usable policy template authoring for iterative policy refinement[C]// IEEE International Symposium on Policies for Distributed Systems and Networks. 2010: 18-21.
[28]	CHUNG L , NIXON B A , YU E ,et al. Non-functional requirements in software engineering[M]. New York: Springer Publishing CompanyPress, 2000.
[29]	LIPPMANN R , HAINES J W , FRIED D J ,et al. The 1999 DARPA off-line Intrusion Detection Evaluation[J]. Computer Networks, 2000,34(4): 579-595.
[30]	AFFLECK A , KRISHNA A . Supporting quantitative reasoning of non-functional requirements:a process-oriented approach[C]// International Conference on Software and System Process. 2012: 88-92.
[31]	KAMRAN S , ZAHID A , FARRUKH A K ,et al. KDD cup 99 data sets:a perspective on the role of data sets in network intrusion detection research[J]. Computer, 2019,52(2): 41-51.
[32]	窦全胜, 陈姝颖 . 演化计算方法及应用[M]. 北京: 电子工业出版社, 2016.
	DOU Q S , CHEN S Y . Evolutionary calculation method and application[M]. Beijing: Publishing House of Electronics IndustryPress, 2016.

Metrics

Recommended 0

No Suggested Reading articles found!

采集项名称	DDoS	非法访问	流量异常	FTP木马
系统日志	0.80	0.50	0.60	0.20
FTP服务日志	0.10	1 .00	0.10	1.00
端到端的IP流量	1.00	0.10	1.00	0.20
特定服务的业务流量	0.40	1.00	0.80	1.00
CPU占用率	0.80	0.40	0.80	0.40
内存利用率	0.60	0.30	0.60	0.30

采集项名称	计算成本常量	存储成本常量	传输成本常量
系统日志	0.100	0.192	0.192
FTP服务日志	0.100	0.128	0.128
端到端的IP流量	0.200	0.300	0.300
特定服务的业务流量	0.600	0.128	0.128
CPU占用率	0.300	0.040	0.040
内存利用率	0.300	0.040	0.040

Collection policy refining method for threat monitoring in complex network environment

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 11

References 32

Related Articles 11

Metrics

Recommended 0

[1]	Shu FU, Xiangyue YANG, Haijun ZHANG, Chen CHEN, Peng YU, Xin JIAN, Min LIU. UAV path intelligent planning in IoT data collection [J]. Journal on Communications, 2021, 42(2): 124-133.
[2]	Zhenchun WEI,Renhao SUN,Zengwei LYU,Jianghong HAN,Lei SHI,Junyi XU. Path planning algorithm for WCE with joint energy replenishment and data collection based on multi-objective optimization [J]. Journal on Communications, 2018, 39(10): 22-33.
[3]	Wei-ping ZHANG,Ya-hong GUO,Meng WANG,Lin-yu NI,Jin-bao LI. Forest based data collection in MR-MC wireless sensor networks [J]. Journal on Communications, 2016, 37(3): 40-47.
[4]	Xian-ling LU,Ying-ying WANG. Data collection algorithm for mobile sink in delay-constrained network [J]. Journal on Communications, 2014, 35(10): 107-116.
[5]	. Data collection algorithm for mobile sink in delay-constrained network [J]. Journal on Communications, 2014, 35(10): 13-116.
[6]	Jun YUE,Wei-ming ZHANG,Wei-dong XIAO,Da-quan TANG,Jiu-yang TANG. Energy dissipation balanced and reliable clustering algorithm for wireless sensor networks [J]. Journal on Communications, 2012, 33(Z2): 90-96.
[7]	Jian GUO,Li-juan SUN,Wen-jun XU,Ru-chuan WANG,Fu XIAO. Mobile sink-based data collection scheme for wireless sensor networks [J]. Journal on Communications, 2012, 33(9): 176-184.
[8]	Jing-hua ZHU,Tong WANG,Ying-li ZHONG. Energy efficient mobile data collection protocol for wireless sensor networks [J]. Journal on Communications, 2011, 32(9A): 70-76.
[9]	Nyuan YUA,Yu-xing PENG,Shan-shan LI,Wen-sheng TANG. Efficient heuristic algorithm for the mobile sink routing problem [J]. Journal on Communications, 2011, 32(10): 107-117.
[10]	Yu-xin MAO. Secure data collection approach for wireless sensor networks based on multipath routing and feedback [J]. Journal on Communications, 2010, 31(8A): 76-80.
[11]	Li-li LU,Yong-sheng ZHAO,Zheng HOU,Jing ZHU,Wen-jia ZHANG,Yan-long CHU. The application of GSM technology in remote meter-reading system of heat-supply network [J]. Journal on Communications, 2005, 26(1A): 202-204.