A Fuzzy Comprehensive Evaluation Method for Attack Effectiveness of the Application Layer of Command Information System

被引：0

作者：

Huang Y. ^{[1
,2
]}

Mou X. ^{[1
]}

机构：

[1] School of Information Science and Engineering, Shenyang Ligong University, Shenyang, 110159, Liaoning

[2] School of Computer Science and Engineering, Northeastern University, Shenyang, 110169, Liaoning

来源：

Binggong Xuebao/Acta Armamentarii | 2020年 / 41卷 / 05期

关键词：

Application layer attack; Artificial neural network; Attack effectiveness; Command information system; Fuzzy comprehensive evaluation;

D O I：

10.3969/j.issn.1000-1093.2020.05.012

中图分类号：

学科分类号：

摘要：

The service sharing and opening of command information system lead to more service resource damages and information spoofing risk in its application layer attack. For difficult effectiveness evaluation problem due to the incomplete information and uncertainty in offensive and defensive attack of application layer of command information system, a three-level evaluation index system with index factor number of 2+5+17 is established for application layer attack of command information system. A two-factor subjective and objective weighting method is presented to determine the evaluation index weights. The theory of BP artificial neural network is used to establish the fuzzy membership function with learning mechanism and continuously improved capability. A fuzzy comprehensive evaluation method is designed for the single attack efficiency and a variety of attack effectiveness. The experimental results show that the proposed method can be used not only to achieve the fuzzy quantization of single attack effect and fuzzy ranking of multiple attacks, but also have more complete index set, more comprehensive weighting method and more applicable fuzzy membership function. © 2020, Editorial Board of Acta Armamentarii. All right reserved.

引用

页码：932 / 940

页数：8

共 21 条

[1] LU Y F, LI L L, ZHANG Z, Et al., Information capability analysis and evaluation of new generation command and control system computer engineering and applications, Computer Science, 45, 11A, pp. 549-552, (2018)
[2] XU Z W, ZENG C, CHAO L, Et al., Zone-oriented architecture: an architectural style for smart web of everything, Journal of Computer Research and Development, 56, 1, pp. 94-106, (2019)
[3] BAI X H, BAI X L, YI X Q., Study on service-oriented C<sup>4</sup>ISR simulation application integration, Systems Engineering and Electronics, 32, 4, pp. 784-790, (2010)
[4] ZENG Y Y, KANG F J, ZHANG J C., Layered command and control simulation system architecture based on SOA, Journal of System Simulation, 23, 8, pp. 1714-1718, (2011)
[5] CHEN Z F, LI Q B, ZHANG P, Et al., Kernel code reuse attack detection technique for Linux, Journal of Software, 28, 7, pp. 1732-1745, (2017)
[6] XIE B L, YU S Z., Application layer real-time proactive defense system based on application layer protocol analysis, Chinese Journal of Computers, 34, 3, pp. 452-463, (2011)
[7] QIAN Y G, LU H B, JI S L, Et al., A poisoning attack on intrusion detection system based on SVM, Acta Electronica Sinica, 47, 1, pp. 59-65, (2019)
[8] ZHANG X, ZHANG X, QI Y, Et al., Security evaluation for wireless sensor networks based on attack test and fuzzy comprehensive judgement, Lecture Notes in Electrical Engineering, 295, pp. 81-92, (2014)
[9] JIN J L, WEI Y M, DING J., Fuzzy comprehensive evaluation model based on improved analytic hierarchy process, Journal of Hydraulic Engineering, 35, 3, pp. 65-70, (2004)
[10] WANG H M, JIANG L, XIAN M., Grey evaluation model and algorithm of network attack effectiveness, Journal on Communications, 30, 11A, pp. 17-22, (2009)

← 1 2 3 →