摘要:The rapid development of computer networks has accelerated the development ofsociety, but also leads to much more frequent network attacks, and makes the attacks much morecomplex. Therefore, network intrusion detection becomes a great challenge to the security issue both in industry and academy. In this paper, we present network attacks detection and prediction method based on threat model,and then the network security trend is analyzed. The algorithm isrndivided into three steps:firstly, the threat model and behavior sequence templates are constructed, and the elements of the treat model and the behavior sequence templates are updated and maintained frequently;secondly, behavior elements is compared withthebehavior sequencetemplatescollaboratively, then a detection and prediction of the attack behavior is performed;finally, thesecurity situation of theentire network is analyzed by a quantitative situation evaluating model,cooperating with the network topology, and the threat type is determined by a D-S evidence theory algorithm.The experiment results showsthat, during its running in an intranet security guard system of alargeenterprisein 2010, thenext-step attack can be predicted by our algorithm, and the security situation of the entire network can be accurately evaluated asrnwell.
