高级检索

    基于云模型的防御代理信任评估模型

    A Cloud Model Based Trust Evaluation Model for Defense Agent

    • 摘要: 在计算机网络协同防御(computer network collaborative defense, CNCD)系统中,所有的防御代理在防御方案的部署过程中默认都是可信和可控的,而这个不合理的假设在开放的网络环境下是不成立的,其将会导致恶意代理参与到计算机网络协同防御的方案执行中,增加方案执行失败率,降低系统安全性.为了解决这个问题,提出了一种计算机网络协同防御下的信任评估模型,该模型能分别从信任的模糊性和随机性2个角度对信任进行描述,并进行信任更新.模型包括2个主要部分:防御任务执行评估和防御代理信任更新.研究了防御代理反馈的评估函数,包括防御任务的完成时间和完成质量评估2个方面,并将信任的时间衰减性、非对称性应用到防御代理的反馈评估函数中;提出了一种基于滑动时间窗口的双权值直接信任云模型(sliding time window-based dual weight direct trust cloud model, STBCM)进行信任更新.最后通过对比实验证明模型具有更低的方案失败率,能够为计算机网络协同防御方案的信任部署提供支持.

       

      Abstract: All defense agents (DAs) are trustworthy and controllable by default during the implementation of defense scheme in the computer network collaborative defense (CNCD) system. But this unreasonable assumption does not hold in the open network environment. Malicious agent will be led into the deployment of CNCD defense scheme and the fail rate of defense schemes will be raised under this assumption, which will decrease the security of the whole system. To address this issue, trust evaluation should be conducted. In the present research work, a trust evaluation model of CNCD is proposed. The model can describe trust from the aspects of randomness and fuzziness, and conduct trust updating. The trust evaluation model includes two key parts: task execution evaluation and defense agent trust updating. Evaluation functions of DAs’ feedback, including functions of finish time (FT) and defense quality (DQ), are studied in detail. Two properties of trust, including time decay and asymmetry, are adopted in the evaluation functions of DAs’ feedback. A sliding time window-based dual weight direct trust cloud model (STBCM) is likewise proposed for trust updating. The contrast experiments show that the proposed algorithm has lower fail rate of defense scheme, and can provide support for the trust deployment of the CNCD scheme.

       

    /

    返回文章
    返回