To effectively improve the prediction precision of network security situation and prevent the large-scale network security attacks, an immunity-based time series prediction approach for network security situation (ITSPA) is proposed. In ITSPA, the concepts and formal definitions of antigen, antibody and affinity used for predicting network security situation are given; and meanwhile, the mathematical models of antibody evolution operators used for establishing the prediction model of network security situation are shown. For the time series of network security situation, its chaotic characteristics are analyzed and the corresponding sample space is reconstructed by phase space reconstruction method; then, the corresponding prediction model is constructed by artificial immune mechanism; finally, this prediction model is used for predicting the time series of network security situation. To demonstrate the predicting effectiveness of ITSPA, four typical time series (namely real-time network probe situation, real-time network situation, short-term network probe situation and short-term network situation) obtained from DARPA 1999 data set and long-term network security situation time series obtained from HoneyNet Project data set are used for simulating experiments. The experimental results show that ITSPA is an effective prediction approach for the time series of network security situation.

• 出版日期2015-1
• 单位海南师范大学; 怀化学院; 湖南大学