A Hidden Markov Model-Based Network Security Posture Prediction Model

Abstract

Abstract As a key technology of network security situational awareness, this paper focuses on network security situational prediction technology and proposes a new network security situational prediction model based on Hidden Markov Model. The paper proposes a network security posture prediction method based on the improved Hidden Markov Model for the problem that the Baum-Welch parameter training method of the traditional Hidden Markov Model for posture prediction is sensitive to initial values and easily falls into local optimum. The method obtains the initial parameters by introducing the simulated annealing algorithm and using its excellent probabilistic burst-jump property to find the optimal in the global range. The Baum-Welch algorithm is used to optimize the initial parameters further to obtain the optimal model parameters, and then a more accurate posture prediction model is established. The probability of occurrence of the alarm information sequence corresponding to the network security posture value of 3 at t= 4 is obtained by simulating the network environment for testing, which is 0.000268, 0.000152, 0.000147, 0.000284, and 0.000187. Comparing the generated network security posture values with the real situation, it is found that the predicted results in this paper are highly similar to the real values. It is verified that the improved Hidden Markov method can effectively improve the accuracy of the network security posture prediction model and reflect the network security situation more objectively and realistically.