Tongxin xuebao (Feb 2020)
Network threat situation assessment based on unsupervised multi-source data feature analysis
Abstract
Aiming at the limitations of supervised neural network in the network threat testing task relying on data category tagging,a network threat situation evaluation method based on unsupervised multi-source data feature analysis was proposed.Firstly,a variant auto encoder-generative adversarial network (V-G) for security threat assessment was designed.The training data set containing only normal network traffic was input to the network collection layer of V-G to perform the model training,and the reconstruction error of the network output of each layer was calculated.Then,the reconstruction error learning was performed by the three-layer variation automatic encoder of the output layer,and the training abnormal threshold was obtained.The packet threat was tested by using the test data set containing the abnormal network traffic,and the probability of occurrence of the threat of each group of tests was counted.Finally,the severity of the network security threat was determined according to the probability of threat occurrence,and the threat situation value was calculated according to the threat impact to obtain the network threat situation.The simulation results show that the proposed method has strong characterization ability for network threats,and can effectively and intuitively evaluate the overall situation of network threat.
