公共资源网络中资源滥用行为检测研究仿真

吉林大学学报(信息科学版) ›› 2020, Vol. 38 ›› Issue (3): 335-340.

公共资源网络中资源滥用行为检测研究仿真

冯喆1，2，侯霄昱3，4，陈彦霖5

1．考文垂大学电子计算机工程学院，英格兰考文垂CV15FB; 2．天津市烟草专卖局综合计划处，天津300041;
3．天津师范大学管理学院，天津300387; 4．天津市区第一烟草专卖局党建工作科，天津300050;
5．广东文理职业学院机电工程系，广东湛江524400

收稿日期:2019-09-19 出版日期:2020-05-24 发布日期:2020-06-24
作者简介:冯喆( 1988— ) ，男，山西柳林人，考文垂大学经济师，主要从事通信工程、工程企业管理研究，( Tel) 86-15022690876( E-mail) zixcan1001@163． com。
基金资助:
广东文理职业学院2017 年“创新强校工程”品牌专业基金资助项目( GWL201703004)

Research and Simulation of Resource Abuse Detection in Public Resource Network

FENG Zhe1，2 ，HOU Xiaoyu3，4 ，CHEN Yanlin5

1． School of Computer Engineering，Coventry University Coventry，Coventry CV15FB，England; 2． Division of Integrated Planning，
Tianjin Tobacco Monopoly Bureau，Tianjin 300041，China; 3． School of Management，Tianjin Normal University，
Tianjin 300387，China; 4． Party Construction Section，Tianjin NO． 1 Urban District Tobacco Monopoly Bureau，Tianjin 300050，China;
5． Department of Arts and Sciences，Guangdong Institute，Zhanjiang 524400，China

Received:2019-09-19 Online:2020-05-24 Published:2020-06-24

摘要/Abstract

摘要： 传统网络资源行为检测方法无法准确确定资源行为的符号观测，导致检测效果较差，整体检测严重受
限。为此，提出一种新的基于隐马尔科夫模型的公共资源滥用行为检测方法。构建隐马尔科夫模型，通过数据
分析，确定当前观测符号序列，利用Windows 操作系统信息为蓝本进行行为检测。建立敏感文件信息集，并使
其分布在系统敏感文件夹中。在此基础上确定当前隐马尔科夫模型参数。计算对应序列概率差值，根据当前
公共资源网络信息安全要求，设定实际阈值，确定资源滥用行为。仿真实验结果表明，该监测方法真实有效，
具有较高的推广和应用价值。

关键词: 公共资源, 网络行为, 训练参数

Abstract: The traditional network resource behavior detection method can not accurately determine the symbol
observation of resource behavior，resulting in poor detection effect and severe limitation of overall detection．
Therefore，a new detection method of public resource abuse based on hidden markov model is proposed． The
hidden markov model is constructed to determine the current observation symbol sequence through data analysis．
And the behavior detection is based on the information of Windows operating system． A set of sensitive file
information is constructed and distributed it in system sensitive folders． On this basis，the current hidden markov
model parameters are determined． The probability difference value of corresponding sequence is calculated，and
the actual threshold value is set to determine the resource abuse behavior according to the current information
security requirements of public resource network． The simulation results show that the monitoring method is
reallistic and effective，and has higher generalization and application performance．

Key words: public resources, network behavior, training parameters

中图分类号:

TP391

冯喆, 侯霄昱, 陈彦霖. 公共资源网络中资源滥用行为检测研究仿真[J]. 吉林大学学报(信息科学版), 2020, 38(3): 335-340.

FENG Zhe, , HOU Xiaoyu, , CHEN Yanlin. Research and Simulation of Resource Abuse Detection in Public Resource Network[J]. Journal of Jilin University (Information Science Edition), 2020, 38(3): 335-340.