基于信息融合的网络安全态势量化评估方法

针对目前网络安全态势评估大多存在信息来源单一、评估范围有限、模型不易构建、时空开销大且可信度较低等问题，提出了一种多源异构信息融合量化评估网络安全态势的方法。首先，构建分级朴素贝叶斯分类器，快速高效地融合主机上各多源异构非确定性信息源。然后，利用拉普拉斯原理平滑参数学习，优化分类与推理结果。使用数理统计的方法融合网络上各主机的安全指数，量化评估网络安全态势，对当前网络安全状况有一个宏观整体的认识。最后，通过真实网络环境的实验，验证了所提方法在网络安全态势评估中的可行性和有效性。 

Assessing network security situation quantitatively based on information fusion

Concerning the problem that current network security situation assessment has the characteristics of single information source, limited assessment scope, not easy to build model, high time and space complexity and not high credibility, a new method of network security situation assessment is proposed based on multi-source and heterogeneous information fusion. A hierarchical naive Bayesian classifier was constructed based on the theory of Laplace's principle for smoothing parameter learning in order to optimize the result of classification and inference. The quantization for the network security situation was assessed using the method of mathematical statistics, which can generate every host security index through information fusion. The current network security situation should be understood overall and macroscopically. The feasibility and effectiveness of the proposed method for network security situation assessment are verified by the experiments in real network environment.