为最大程度避免船用网络受复杂海洋环境、攻击与设备故障威胁,本文提出融合攻击图与LightGBM的船用网络安全可靠性评估方法。构建融合时间维度的改进概率攻击图,通过攻击路径概率、节点被攻破时长等表征网络安全特征;通过量化网络抗毁性与自愈性指标,表征网络可靠性特征;构建安全、可靠性双维度特征集,作为LightGBM(轻量级梯度提升机)模型的输入,实现船用网络安全可靠性综合分析,输出动态评分与等级划分结果。实验结果表明,在船用网络电子海图系统攻击场景下,该方法可以有效提取网络的安全与可靠性特征,清晰表征网络的安全和可靠性变化;且安全可靠性分析的马修斯相关系数(MCC)、F1分数分别高达0.92和0.94,对数损失与布里尔分数仅分别为0.11和0.07,可实现安全与可靠性的一体化精准评估。
In order to avoid the threat of complex marine environment, attack and equipment failure to the greatest extent, this paper proposes a marine network security and reliability evaluation method based on the fusion of attack graph and lightgbm. An improved probabilistic attack graph with time dimension is constructed, which characterizes the network security characteristics by the attack path probability and the duration of node being broken down; The network reliability is characterized by quantifying the network invulnerability and self-healing indexes; Build a two-dimensional feature set of safety and reliability as the input of LightGBM (lightweight gradient hoist) model, realize the comprehensive analysis of marine network security and reliability, and output the results of dynamic scoring and grading. Experimental results show that in the attack scenario of the ship network electronic chart system, this method can effectively extract the security and reliability features of the network, clearly characterizing changes in network security and reliability. Furthermore, the Matthews Correlation Coefficient (MCC) and F1 score for security reliability analysis are as high as 0.92 and 0.94, respectively, with logarithmic loss and Brier score only being 0.11 and 0.07, respectively. This enables integrated and accurate evaluation of security and reliability.
2026,48(7): 185-189 收稿日期:2025-10-3
DOI:10.3404/j.issn.1672-7649.2026.07.030
分类号:U665.26
基金项目:2025年度网信优秀人才支持计划项目(网络安全领域-01-5);广西高校中青年教师科研基础能力提升项目(2024KY1186);南宁市青秀区科技计划项目(重点研发计划)(2020006);广西高校中青年教师科研基础能力提升项目(2025KY1524)
作者简介:姚上开(1984-),男,硕士,讲师/工程师,研究方向为软件工程、计算机网络技术及网络安全。
参考文献:
[1] 胡思尧, 杨柳涛. 集装箱船LoRa无线网络控制策略的设计及优化[J]. 中国航海, 2023, 46(3): 111-117 HU S Y, YANG L T. Design and optimization of LoRa wireless network control strategy for container ship[J]. Navigation of China, 2023, 46(3): 111-117
[2] 杨家轩, 许洲锦, 来源, 等. 基于概率攻击图的船舶网络安全评估模型[J]. 大连海事大学学报, 2023, 49(1): 26-33 YANG J X, XU Z J, LAI Y, et al. Ship cyber security assessment model based on probability attack graph[J]. Journal of Dalian Maritime University, 2023, 49(1): 26-33
[3] 吴文刚. 基于神经网络的船舶计算网络安全评估架构设计[J]. 船舶工程, 2025, 47(9): 202 WU W G. Design of a neural network-based architecture for security assessment of ship computing networks[J]. Ship Engineering, 2025, 47(9): 202
[4] 张文君, 张英俊, 张闯. 基于HHM-RFRM理论的智能船舶航行风险识别与筛选[J]. 安全与环境学报, 2023, 23(2): 333-340 ZHANG W J, ZHANG Y J, ZHANG C. Intelligent ship navigation risk identification and screening based on HHM-RFRM[J]. Journal of Safety and Environment, 2023, 23(2): 333-340
[5] 庄涛, 苏锦川, 李军, 等. 高端客滚船网络安全系统设计[J]. 船海工程, 2023, 52(4): 18-21+28 ZHUANG T, SU J C, LI J, et al. Design of the network security system for a deluxe ro-ro passenger vessel[J]. Ship & Ocean Engineering, 2023, 52(4): 18-21+28
[6] 张峰, 吴立金. 舰船电站网络控制系统可信性分析设计技术[J]. 计算机测量与控制, 2023, 31(2): 129-134 ZHANG F, WU L J. Credibility analysis and design technology of ship power station network control system[J]. Computer Measurement & Control, 2023, 31(2): 129-134
