Abstract
This study aims to use neural network theory to analyze and evaluate computer network security. Firstly, the evaluation model of computer network security was given based on relevant literature, and the corresponding index system was constructed, including 19 indicators of management security, physical security, and logical security. Then, the index normalization standard was proposed and the index security level was set. Finally, computer network security was evaluated according to the neural network. Results show that security management strategy has the greatest impact on computer network security, followed by routing control and data encryption.
Introduction
With the continuous development of the current information technology, the computer and network technology is also changing the sun and the moon. At the same time, the uncertain factors that affect the network security are gradually increasing. As a result, as a network user, network security has become a problem that cannot be ignored. At the same time, network users must measure the degree of network security effectively, so that they can grasp the degree of network security and influence factors of network security, thereby they can guarantee the security of the system to the greatest extent. The computer network security evaluation principle is guided by its evaluation criteria, first of all, to determine the content and scope of the evaluation of the network of the situation, security conditions, network vulnerability analysis, and then take the relevant evaluation method for evaluation, and finally out of the network security level. The study focuses on the current network security evaluation system, to explore the role of neural network evaluation, and validate the working process.
Literature review
At present, the researches on theories and methods of cybersecurity assessment are still in primary and decentralized status in our country, and there is no scientific system. So far there is no comprehensive evaluation index system and mathematical model. Zhai Huaxin, Song Yan and Wang Chujiao established the evaluation index system and single index evaluation standard according to the completeness, independence, simplicity, accuracy and operability of the evaluation system and applied AHP, gray evaluation and fuzzy theory exploratory research on network security evaluation [1–3]. Wen Siqin and Wang Biao improved the simulation model of computer network security by using the genetic algorithm based on BP neural network algorithm and deeply studied the application of GABP neural network algorithm in computer network security evaluation [4]. Wu Renjie selected computer network security evaluation index through the expert system, and then used the expert scoring method to determine the weight of the evaluation index. Finally, the index weight was input into BP neural network to learn, and BP neural network parameters were optimized through particle swarm optimization to obtain computer network security rating [5]. A fuzzy analytic hierarchy process (AHP) was used by Chen Hua-xi to select an index to construct evaluation index system for computer network security. The improved AHP based on subjective and objective weighting combined with information entropy coupling weighting method was put forward, which was important to the factors influencing network security Sorting, using fuzzy comprehensive evaluation method to establish network security evaluation model [6]. Hu Zhi-feng mainly combined the characteristics of our country’s computer network, selected 10 characteristic indexes that could represent network security, such as intrusion detection technology, and constructed the discrete Hopfield neural network model for network security rating [7]. Computer network security based on adaptive BP neural network was proposed to solve the problems of difficult operation and low accuracy when using traditional evaluation methods to evaluate the existence of many kinds of security evaluation indexes and high nonlinearity of each indicator in modern computer networks evaluation algorithm. The artificial fish swarm optimization algorithm was used to optimize and determine the traditional BP neural network structure parameters, and then the sample targets were trained and learned according to the optimized network. Finally, the validity of the algorithm was tested and evaluated by expert evaluation test data [8]. Sun aimed at the shortcomings of the neural network method in computer network security evaluation, and proposed a new method of computer network security evaluation based on support vector regression. First of all, it discussed the principle of constructing the index system, further established the evaluation index system of computer network security, and then gave the standardization method of the the index and divided the level of computer network security. Finally, it built a computer network security evaluation based on support vector regression the model is given and a simulation example is given [9]. Wang Wei aimed at the problems that the BP neural network algorithm was slow in convergence speed, easy to fall into a local minimum and difficult to determine the network structure, leading to its poor learning efficiency and poor classification accuracy, a network safety evaluation index system was established by using a probabilistic neural network (PNN) to simulate the sample data [10, 11]. Generally, there are two kinds of theories about the evaluation of computer network security scholars: gray fuzzy evaluation theory and neural network theory. Obviously, the former theory has the influence of the subordinate function of man-made affirmation and the weight of each evaluation index. Objectivity, comparability and reliability are poor. The latter theory more scholars in the use of a certain method of embedding improved, although achieved some results, it’s too theoretical, practical need to be further tested. Therefore, the author throws away the improved method in the neural network, directly uses the neural network theory to evaluate the computer network security, in order to enhance the practicality and reliability of the evaluation.
Computer network security evaluation model
Under the guidance of its evaluation criteria, first of all, to determine the content and scope of the evaluation, to analyze its own situation, security status and network vulnerability, and then to evaluate it by relevant evaluation methods, and finally, the security level of the network is calculated. Computer network security evaluation mathematical model:
Judging from the computer network security evaluation model, select the computer network security evaluation factor and network evaluation model is crucial. Computer network security has the characteristics of uncertainty and non-linearity. Therefore, this study adopts the BP neural network with very strong non-linear approximation ability as the network evaluation model, uses the expert method to determine the influencing factors of computer network security, and mark it, determine its weight to evaluate the results, so as to improve the accuracy of computer network security evaluation.
Index system construction
The Computer network is a complex system with many factors affecting its security. To evaluate its security level accurately, we must first establish a scientific and perfect evaluation index system of computer network security. Based on the management security, physical security and logical security of the computer network system, this study chooses computer network security evaluation indexes by experts, as shown in Table 1, and marking the computer network security evaluation indexes by the expert system to determine its weight.
Evaluation index system for computer network security
Evaluation index system for computer network security
The indexes constructed in Table 1 reflect the state of computer network security from different angles. Because of the different dimensions among the indexes, it is impossible to make a direct comparison. In order to make each index comparable and speed up the convergence speed of the neural network, indicators were normalized:
Qualitative indicators: using expert marking method to determine its data, at the same time, the indicators were normalized. Quantitative indicators: Forward indicators:
According to the comprehensive weight of the indicator, the computer network can be evaluated for its security. According to the related research, the security level of the computer network is divided into four levels: security (A), basic security (B), insecure (C), and extremely insecure (D), the total security level set to 1 points, the corresponding level of security and the corresponding scores shown in Table 2.
Computer network security level
Computer network security level
Design input layer
In the process of neural network design, there must be a sufficient number of evaluation indexes, and the number of these evaluation indexes is one-to-one correspondence with the number of neuron nodes in the input layer. Among the evaluation systems designed in this study, there are altogether 20 secondly indexes, and data set is based on the secondly index, so in the study of the evaluation system, a total of 20 neuron nodes, and corresponds to the corresponding secondly indicators.
Design hidden layer
According to a series of evidence from experts at home and abroad, we can see that if we design a network with hidden layers, then it can represent the connection function of any closed interval. Because of the full function of the hidden layer network, in general, the neural network can do an M-dimensional to N-dimensional mapping. So in the general practice process, most networks choose to use the single hidden layer, and the network designed in this study also uses this single hidden layer structure.
In the design of neural networks in the study, the key is to choose the right number of nodes in the network hidden layer. Excessive number of nodes will lead to a large increase in learning time, and also cause a certain learning error, which leads to low learning efficiency. On the contrary, if the number of nodes is too small, fault tolerance and linear mapping function of the network will also be reduced, and some errors will inevitably occur. With regard to the determination of the number of hidden layer nodes, there are many formulas corresponding to the composition of the neural network. For example, h = N + 0.618 × (N - O) 2, h = (N + O) 2, h = log 2N, where h represents the number of hidden layer nodes; O represents the number of output nodes; N represents the number of input nodes. h = log 2N used in the paper to determine the number of hidden layer nodes, that h = log 219 = 5.
Design output layer
The design network output is aimed at the safety evaluation result of the target computer network. According to the setting of the evaluation result evaluation, the number of nodes in the network output layer designed in this study is set as 3, and the output result is shown in Table 3.
Output result table
Output result table
The study used neural network to evaluate the safety of computer network and obtains the expected results, such as the need to determine the artificial weight, membership function or only qualitative analysis of the defects, the importance of each evaluation index is obtained by training a sample of the index evaluation standard, with better objectivity, comparability and impartiality. In this study, based on the single-index evaluation criteria, we can form enough training samples, test samples and test samples by randomly generating samples in the interval. The number of training samples must be more than the number of network connection weights, and the training process must be monitored in real time in order to avoid “overtraining”. The model uses a quasi-Newton method to train the network, overcoming BP network modeling defects requires a large number of training samples, slow convergence speed, easy to appear “training” and “overfitting” phenomenon, the establishment of a comprehensive evaluation of the network security model of neural network generalization ability is very good. Among the 19 indicators of network security, security management strategy has the greatest impact on computer network security, followed by routing control technology and data encryption status. Therefore, when carrying out network planning, from the perspective of network security, we should first establish better management strategies and carry out better data encryption, and there is a significant nonlinear relationship between each evaluation index and network security level.
Footnotes
Acknowledgments
This work was supported by the next generation of Internet innovation projects in the CERNET (NGII20160204), Training plan for young backbone teachers of Henan Province in China (2014GGJS-020), Henan science and technology development plan project (172102210186).