【摘要】 利用系统访问控制关系,定义了主体、客体两个偏序结构和二者间的映射关系,建立了分层映射内部威胁模型;利用此模型定义了表征系统内部威胁状态的内部威胁云模型,并设计了基于云模型的感知算法,实现了对系统内部威胁的评测感知.基于云模型的内部威胁感知算法,利用云模型从多角度将系统的定性、定量内部威胁特征融合分析、决策,克服了原有方法不能同时定量定性分析内部威胁的缺陷,提高了感知的准确性和客观性.实验结果表明,此算法能够实时、有效地感知系统的内部安全威胁.更多还原

【Abstract】 Using the access control relationship,the partial-order structures of subjects and objects in the system and their mapping relationship are defined,and a hierarchy-mapping based insider threat model is developed on these definitions.Then,this model is applied to build a cloud model which characterizes the states of insider threat in the system.Based on the proposed cloud model,an algorithm,which improves the accuracy and objectivity in evaluation,is also designed for sensing the insider threat in the system.Compared to the previous works,the algorithm could analyze threats of the system in various respects and makes decision qualitatively and quantitatively.As a result,the experiments show that the algorithm could effectively sense the insider threat in real-time.更多还原