基于贝叶斯网络的视频专网安全风险分析方法

doi:10.3969/j.issn.1671-1122.2021.12.013

摘要/Abstract

摘要：

公安视频专网是为视频监控系统联网及应用而建立的专门网络,是提高公安工作效率、辅助侦破案件的利器,有效的安全风险评估可以指导配置安全保护资源并补齐短板。针对公安视频专网的安全风险评估研究不足。文章提出了一种视频专网安全风险评估方法,从视频专网安全态势、安全保护水平、运行安全风险因素、安全事件后果等多维度考虑专网安全风险。借助贝叶斯网络（Bayesian Network,BN）、事件树和模糊集理论细粒度总结风险因素,动态分析并量化风险值。通过情景分析、部分验证与案例研究的方法验证合理性与有效性,验证结果表明,该方法有助于提高公安部门对视频专网的安全风险感知、分析与评估能力。

关键词: 视频专网, 风险分析, 贝叶斯网络, 事件树, 风险评估

Abstract:

The public security video private network is a special network established by the public security department for the networking and application of video surveillance systems, and is a way for improving the efficiency of public security work and assisting in the detection of cases. Effective assessment can guide the allocation of security protection resources and fill in shortcomings. At present, there is insufficient research on the security risk assessment of public security video private network. This paper proposed a method for evaluating the security risk of a video private network, which considered the security risk of the private network from the perspective of the security situation of the private video network, the level of security protection and the consequences of security incidents. With the help of Bayesian network, event tree and fuzzy set theory, the risk factors were summarized in a fine-grained manner, and the risk value was dynamically analyzed and quantified. The methods of scenario analysis, partial verification and case studies were used to verify the rationality and effectiveness of the method. The results show that this method can improve the security risk perception, analysis and assessment capabilities of the public security department on the video private network.

Key words: video private network, risk analysis, Bayesian network, event tree, risk assessment

中图分类号:

TP309

朱容辰, 李欣, 林小暖. 基于贝叶斯网络的视频专网安全风险分析方法[J]. 信息网络安全, 2021, 21(12): 91-101.

ZHU Rongchen, LI Xin, LIN Xiaonuan. The Security Risk Analysis Method for Video Private Network Based on Bayesian Network[J]. Netinfo Security, 2021, 21(12): 91-101.

图/表 14

图1

图2

表1

表2

表3

表4

表5

表6

图3

表7

图4

图5

表8

表9

参考文献 22

[1]	LUKO S N. Risk Management Principles and Guidelines[J]. Quality Engineering, 2013, 25(4):451-454. doi: 10.1080/08982112.2013.814508 URL
[2]	DUAN Yongcheng. Extraction and Evaluation of Network Security Situation Elements for Video Private Network[D]. Beijing: People’s Public Security University of China, 2020.
	段詠程. 面向视频专网的网络安全态势要素提取与评估[D]. 北京:中国人民公安大学, 2020.
[3]	LI Xin, DUAN Yongcheng, HUANG Shuhua, et al. Research on the Construction of Network Security Situation Index System for Video Private Network[J]. Journal of Beijing University of Aeronautics and Astronautics, 2020, 46(9):1625-1634.
	李欣, 段詠程, 黄淑华, 等. 面向视频专网的网络安全态势指标体系的构建研究[J]. 北京航空航天大学学报, 2020, 46(9):1625-1634.
[4]	WU Jiansong, XU Shengdi, ZHOU Rui, et al. Scenario Analysis of Mine Water Inrush Hazard Using Bayesian Networks[J]. Safety Science, 2016, 26(89):231-239.
[5]	ZHANG Chao, WU Jiansong, HU Xiaofeng, et al. A Probabilistic Analysis Model of Oil Pipeline Accidents Based on an Integrated Event-Evolution-Bayesian (EEB) Model[J]. Process Safety and Environmental Protection, 2018, 28(117):694-703.
[6]	ZHU Rongchen, LI Xin, HU Xiaofeng, et al. Risk Analysis of Chemical Plant Explosion Accidents Based on Bayesian Network[J]. Sustainability, 2019, 12(1):1-20. doi: 10.3390/su12010001 URL
[7]	ZHANG Yiyi, HU Xiaofeng, BAI Yuchen, et al. Risk Assessment of Gas Leakage from School Laboratories Based on the Bayesian Network[J]. International Journal of Environmental Research and Public Health, 2020, 17(2):426-436. doi: 10.3390/ijerph17020426 URL
[8]	LANDUCCI G, ARGENTI F, COZZANI V, et al. Assessment of Attack Likelihood to Support Security Risk Assessment Studies for Chemical Facilities[J]. Process Safety and Environmental Protection, 2017, 27(110):102-114.
[9]	PATE-CORNELL M E, GUIKEMA S D. Probabilistic Modeling or Terrorist Threats: A Systems Analysis Approach to Setting Priorities Among Countermeasures[J]. Military Operations Research, 2008, 13(3):89-93. doi: 10.5711/morj.13.3.89 URL
[10]	HUSMEIER D. Introduction to Learning Bayesian Networks from Data[M]. Berlin: Springer, 2005.
[11]	ZHOU Deyu, XU Haiyang, HE Yulan. An Unsupervised Bayesian Modelling Approach for Storyline Detection on News Articles[C]// ACL. 2015 Conference on Empirical Methods in Natural Language Processing, September 17-21, 2015, Lisbon, Portugal. New York: Association for Computational Linguistics, 2015: 1943-1948.
[12]	WANG Litao, JIA Meisheng, SHI Yi, et al. A Knowledge-based Reasoning Model for Crime Reconstruction and Investigation[J]. Expert Systems with Applications, 2020, 30(159):113-119.
[13]	WU Jiansong, XU Shengdi, ZHOU Rui, et al. Scenario Analysis of Mine Water Inrush Hazard Using Bayesian Networks[J]. Safety Science, 2016, 26(89):231-239.
[14]	ZERROUKI H, SMADI H. Bayesian Belief Network Used in the Chemical and Process Industry: A Review and Application[J]. Journal of Failure Analysis and Prevention, 2017, 17(1):159-165. doi: 10.1007/s11668-016-0231-x URL
[15]	LASKEY K B, SUZANNE L, WRIGHT E, et al. Hypothesis Management in Situation-specific Network Construction[EB/OL]. https://arxiv.org/ftp/arxiv/papers/1301/1301.2287.pdf, 2002-07-10.
[16]	DEMPSTER A P. Upper and Lower Probabilities Induced by a Multivalued Mapping[J]. Annals of Mathematical Statistics, 1967, 38(2):325-339. doi: 10.1214/aoms/1177698950 URL
[17]	LIU Liping, YAGER R R. Classic Works of the Dempster-shafer Theory of Belief Functions[M]. Berlin: Springer, 2008.
[18]	KLEEMANN J, CELIO E, FÜRST C. Validation Approaches of an Expert-based Bayesian Belief Network in Northern Ghana, West Africa[J]. Ecological Modelling, 2017, 33(365):10-29.
[19]	KABIR G, BALEK N B C, TESFAMARIAM S. Consequence-based Framework for Buried Infrastructure Systems: A Bayesian Belief Network Model[J]. Reliability Engineering & System Safety, 2018, 17(180):290-301.
[20]	KHAKZAD N, MARTINEZ I S, KWON H M, et al. Security Risk Assessment and Management in Chemical Plants: Challenges and New Trends[J]. Process Safety Progress, 2018, 37(2):211-230. doi: 10.1002/prs.v37.2 URL
[21]	DUAN Yongcheng, WANG Yuqing, LI Xin, et al. Extraction of Random Forest Network Security Situation Elements Based on RSAR[J]. Netinfo Security, 2019, 19(7):75-81.
	段詠程, 王雨晴, 李欣, 等. 基于RSAR的随机森林网络安全态势要素提取[J]. 信息网络安全, 2019, 19(7):75-81.
[22]	JONES B, JENKINSON I, YANG Z, et al. The Use of Bayesian Network Modelling for Maintenance Planning in a Manufacturing Industry[J]. Reliability Engineering & System Safety, 2010, 95(3):267-277. doi: 10.1016/j.ress.2009.10.007 URL

子节点	一级子节点	二级子节点	父节点
安全态势指数	系统脆弱性指数	漏洞威胁指数	漏洞威胁等级
			漏洞种类数
			漏洞数量
		木马威胁指数	木马威胁等级
			木马数量
			可清除性
	网络安全威胁指数	网络攻击指数	攻击严重程度
			攻击强度
			安全警报出现频次
		病毒威胁指数	病毒威胁等级
			病毒种类数
			病毒数量

子节点	一级子节点	二级子节点	父节点
运行安全指数	基础网络运行安全指数	网络异常流量指数	平均流量
		网络异常流量指数	峰值流量
		资源消耗指数	带宽使用率
			CPU使用率
			内存使用率
			设备服务状态
	前端设备运行安全指数	服务状态安全指数	前端设备在线状态
		服务状态安全指数	录像存储状态
		异常状态安全指数	前端设备存在漏洞状态
			前端设备存在弱口令状态
			前端设备存在违规接入状态
	边界运行安全指数	公安信息网边界安全指数	边界设备可用性
		公安信息网边界安全指数	边界非法接入状态
		互联网边界安全指数	边界设备可用性
		互联网边界安全指数	边界非法接入状态
		其他专网边界安全指数	边界设备可用性

子节点	状态	父节点	状态
公安视频专网安全保护水平	高、中、低	访问权限限制与审查	高、中、低
		软件更新与漏洞修复	高、中、低
		安全检查与审计	高、中、低
		攻击与泄密的溯源与追踪	高、中、低
		安全事件演练与响应	高、中、低

子节点	状态	父节点	状态
公安视频专网安全管理水平	高、中、低	前端设备管理水平	高、中、低
		传输管道管理水平	高、中、低
		人员管理水平	高、中、低
		数据管理水平	高、中、低

子节点	状态	父节点	状态
公安视频专网内容风险水平	高、中、低	是否遭到监听或泄露	是、否
		是否遭到损毁	是、否
		是否遭到伪造与篡改	是、否
		内容的可用性	正常、不正常
		内容的可控性	正常、不正常