CN102468997A - Stability evaluation method for multi-dimensional network security index system - Google Patents

Abstract

The present invention provides a method for evaluating the stability of a multi-dimensional network security index system based on statistical methods, which evaluates the quality of an index system from the perspective of whether the index system can obtain correct evaluation results under multiple different sample conditions. In particular, the segmented sampling method is used to make the evaluation of the stability of different dimensions more fair and reasonable in view of the differences in the distribution characteristics of source data in different dimensions.

Description

A kind of multidimensional network safety index system stability assessment method

Technical field

The invention belongs to network security, relate in particular to the stability assessment method of network security index system.

Background technology

Current society, it is closely bound up with people's life that network is just becoming, and network security also causes people's great attention.For effectively assessing the situation of current network safety; People often formulate various index systems; Obtain the evaluation of network safety situation through the processing of the network information, so whether index system is reasonable, can reflects correctly that network safety situation just becomes the another focus that people pay close attention to.

Do not have clear and definite definition at present for the index system reasonability, general says, the assessment of index system reasonability is exactly a quality of investigating index system.The purposes of index system is that target is estimated; Its evaluation result will be made the basis of further decision-making as people, but the designer ignores some factors unavoidably or given up some factors because of certain restriction and cause index system can not reach designing requirement to the assessment result of target is not accurate enough when carrying out Index System Design.The design and the practical application that also note that index system in addition are discrepant; Design often launches research and design to comparatively simple applied environment; But actual application environment possibly be dynamic and changeable, and index system does not meet or applied environment can or can not reach originally design effect when changing also in requisition for investigating in applied environment and design hypothesis.Current in addition index system all has application in every field; Different index systems often solve certain problem targetedly; More to produce effect or reference is more arranged also be the problem of need considering to which index system before when facing a new problem or field, and this just needs methodology each index system is estimated and to be compared.For addressing the above problem, need set up methodology the index system reasonability is assessed.

Because assessment objective is widely different different field, evaluation condition is different, is difficult to a unified standard.When specific to the evaluation criteria that can make a science with the network security index system during as evaluation objective under certain condition, estimate its reasonability.The index system reasonability comprises the correctness of its result of calculation, the stability of index system and three aspects of redundancy of himself.

The method of evaluation index system correctness commonly used is based on the validity analysis of compatibility and diversity factor at present.Compatibility and diversity factor all are based on coefficient of rank correlation:

$r_{\mathrm{ij}}=1-\frac{6}{n(n^2-1)}\underset{t=1}{\overset{n}{\mathrm{\Σ}}}{d}_t^2$

D wherein _tRepresent t evaluation object (promptly is network safety situation in net peace field) at i, the ordering in two evaluations of programme of j (promptly is the network security index system in net peace field) poor, wherein, n is the quantity of evaluation object, r _IjRepresent i, the coefficient of rank correlation of two evaluations of programme of j.Compatibility is exactly the mean value of certain index system and other index system coefficient of rank correlations; Diversity factor is meant that be benchmark with current index system to the rank of each network safety situation, is positioned at the average of number of the rank overshoot ranking of network safety situation under other index system evaluations of a certain rank scope.Compatibility is high more for an index system, and diversity factor is low more just good more.

But this index system reasonability appraisal procedure is just weighed from index system result of calculation correctness angle; Do not analyze the concrete outcome of its each dimension for the multidimensional index system, lack yet for calculated result analysis under different time sequence signature and source data characteristic.

In addition; Existing often comparatively general to the evaluation of an index system result of calculation correctness, very fast in the network safety filed environmental change, data constitute comparatively complicated; Index system possibly be unsettled to the evaluation effect of network safety situation; Maybe be relevant with source data, a same index system possibly utilize the correctness of the result of calculation that different source datas obtains different in different environment, and just whether index system is stable to the assessment of network safety situation.This point can't embody through the whole result of calculation correctness of index system; Therefore also to consider the stability of this index system; Be whether index system always can correctly assess the current network security postures; A network security index system is applied in the different environment in practical application, whether can both draw correct evaluation result in the different time section.Existing index system appraisal procedure is not assessed to this respect.

Summary of the invention

Therefore, the objective of the invention is to overcome the defective of above-mentioned prior art, under a plurality of different sample situation, whether can both obtain the quality of an index system of angle assessment of correct assessment result from an index system.

The objective of the invention is to realize through following technical scheme:

A kind of multidimensional network safety index system stability assessment method based on statistical method is provided in one embodiment of the present of invention, has said method comprising the steps of:

Step 1) is selected n sample;

Step 2) k the result of calculation Z of dimension under i sample of calculating target index system _Ik, 1≤i≤n, 1≤k≤L;

In step 3) judges that said result of calculation is whether between zone of acceptability, if but at reception interval, then with this result of calculation Z _IkBe mapped as 1, otherwise with result of calculation Z _IkBe mapped as 0;

Step 4) is calculated the stable S of target index system on k dimension _k, should satisfy: $S_k=\frac{\underset{i=1}{\overset{n}{\mathrm{\Σ}}}{Z}_{\mathrm{Ik}}}{n};$

Step 5) is calculated the resistance to overturning S of target index, should satisfy:

Wherein $\underset{k=1}{\overset{L}{\mathrm{\Σ}}}{W}_k=1.$

Stability assessment method according to an embodiment of the invention; Wherein in step 2) k dimension calculating the target index system also comprise n the step that sample is sampled on k dimension in the step of the result of calculation under the i sample before; Said sample comprises different index item, and said sample is abstract to be may further comprise the steps:

Selection maximum D from the same index item of n sample _MinWith minimum value D _Max

With sample interval [D _Min, D _Max] being divided into n segment, each segment length is [D _Min, D _Max]/n;

From each segment, randomly draw a sample;

Obtain the sample number h that on k dimension, is used to calculate, wherein h≤n;

Successively all index item of sample are sampled by above-mentioned steps.

Stability assessment method according to an embodiment of the invention, wherein, the stable S on k the dimension of step 4) target index system _kFor

1≤i≤h.

Stability assessment method according to an embodiment of the invention, wherein sample can be chosen according to the actual conditions or the historical statistical data of network by the user in the step 1).

Stability assessment method according to an embodiment of the invention, but the wherein granularity that can divide according to network safety situation of step 3) reception interval and user's self demand, perhaps historical statistical data and setting.

Stability assessment method, wherein step 5) W according to an embodiment of the invention _kBe according to different dimensions to user's significance level or user to the difference of its attention rate and be provided with by the user.

Stability assessment method according to an embodiment of the invention, wherein, when result of calculation is directly proportional with the sample logarithm value, can be with sample interval [D _Kmin, D _Kmax] the back division of taking the logarithm, promptly to [logD _Kmin, logD _Kmax] evenly divide.

Compared with prior art, the invention has the advantages that:

For the rational evaluation of index system under the sequential environment or in the bigger environment of network source data movement effective method is provided through the calculating method for stability that proposes in the embodiment of the invention.Under a plurality of different sample situation, whether can both obtain the quality of an index system of angle assessment of correct assessment result from an index system.Especially the difference to different dimensions source data distribution characteristics adopts the mode of segmentation sampling to make that the evaluation of different dimensions stability is more fair and reasonable.

Description of drawings

Followingly the embodiment of the invention is described further with reference to accompanying drawing, wherein:

Fig. 1 is the network security index system Calculation on stability flow chart according to the embodiment of the invention.

Embodiment

In order to make the object of the invention, technical scheme and advantage are clearer, pass through specific embodiment to further explain of the present invention below in conjunction with accompanying drawing.Should be appreciated that specific embodiment described herein only in order to explanation the present invention, and be not used in qualification the present invention.

The present invention is primarily aimed at the multidimensional stratification index system that generally adopts in network safety filed at present; A kind of index system correctness appraisal procedure is provided; Come the similitude of effective evaluation index system result of calculation and desired value, and then estimate the quality of a network security index system.Wherein, each dimension can represent to influence various aspects such as Cyberthreat incident index, cyber-defence measure index, network traffics index of network safety situation etc. respectively in the said network security index system.The calculating of said index system is made up of quantized segment and Index for Calculation two parts, and quantized segment is responsible for source data is carried out normalization, and Index for Calculation partly is responsible for utilizing with normalized network data computing network security postures value.Quantization algorithm commonly used has minimax value method, arc cotangent function method, mediation triangle modulus method etc., and index calculation method commonly used has weighted mean method, maximum value process etc.

The notion of stability assessment has been proposed in network security index system reasonability evaluation process in an embodiment of the present invention.Common index system stability is meant whether whether this index system self is stable, frequently change, like the stability of enterprise production index, government's index.The different with it index systems that are in this application to be proposed are primarily aimed at network safety filed, and its implication is index system can access the correct calculation result under various outside inputs ability or probability, index system self structure constant.In brief, stability described herein representes that the target index system can both obtain the ability of correct evaluation result under a plurality of different samples.

Provide in an embodiment of the present invention to multidimensional network safety index system stability assessment method.This method with index system to the statistics of network safety situation assessment as estimating its stable source data; Because the structure of an index system and computational methods can the bigger differences of existence on each dimension, so first step work is exactly that the correctness of each dimension result of calculation of index system is added up.

In an embodiment of the present invention, be assessment objective with one group of multidimensional hierarchical network safety index system, the result of network safety situation is described be divided into L dimension.With the input domain of one group of typical sample,, as domain output, come the correctness of evaluation index system result of calculation through the difference of measured value and desired value with results of calculation with one group of corresponding desired value territory as a reference as index system.Suppose to have m index system as evaluation object, then produce m assessment result.Wherein, Samples tested derives from the statistical value of network monitoring data, and each sample comprises and is used for data that each dimension calculates at the detected value of a certain period, is [wooden horse event number like a sample vector; DDos incident growth rate; The backbone traffic peak value, there is the leak number in each host operating system safe class in the network on each main frame in the network ...].

Under an input sample, the result that obtain of target index system on a dimension is expressed as c, and the result that expectation obtains is C, and this desired value is by the user subjective feeling of network safety situation to be drawn.To consider the influence such as subjectivity and systematic error of defective, the desired value of sample data itself simultaneously; The index system results of calculation can not be in full accord with desired value, therefore adopts relative deviation to weigh in an embodiment of the present invention, with [a between a zone of acceptability; B] (wherein a≤C≤b) replaces desired value;, calculated value in [a, b] time, thinks to obtain correct result of calculation in dropping between the zone of acceptability of desired value.

In certain embodiments, the setting between zone of acceptability had both received the influence of network safety situation granularity of division, influenced by user's self requirement; The network safety situation of supposing certain dimension is divided into N grade, an interval of the corresponding calculated value of each grade, and for example the scope of the first order is [0; 0.5], the second level is [0.5,1.5]; The third level is [1.5,2.5] or the like, if desired value C drops in the i level scope; Then lower bound a should be not less than the lower bound of i-1 level between zone of acceptability, and the upper bound b between zone of acceptability should be not more than the upper bound of i+1 level, in this scope by the needs decision bound value of user according to oneself.In yet another embodiment, but also can set reception interval according to statistics to historical data.

It is thus clear that; Only have two kinds of situation in the correctness of a next index system of input sample on a dimension, correct and incorrect, result of calculation promptly praises in dropping between zone of acceptability; Otherwise think incorrect, can represent said process with following two-valued function:

To any index system A _iAt dimension k to sample B _iTwo-valued function of the deviation of result of calculation regulation with its be mapped to the binary set 0, among the 1}:

Wherein, i representes i index system, and j representes j group sample, and k representes k dimension, down together.c _IjkThe expression results of calculation, a _Ijk, b _IjkRepresent that respectively this result of calculation can be accepted as the lower bound and the upper bound of correct result.Z _IjkThe correctness of this result of calculation after the expression binaryzation, correctness Z when there is deviation in result of calculation _IjkBe 0, correctness Z when not having deviation _IjkBe 1.

Can the correctness of the result of calculation of each dimension of target index system under each sample be mapped as 0,1 two value through two-valued function successively.In existing index system reasonability appraisal procedure; The result of each dimension of index system is the intermediate object program in the computational process; It is not analyzed; And the method that is provided in an embodiment of the present invention is to start with from each dimension result, each dimension result of calculation is handled, for the stability of analysis indexes system.

On this basis, but the stability of evaluation objective index system on a dimension

A _iStability as a result to dimension k can be expressed as:

$S_{\mathrm{ik}}=\frac{\underset{j=1}{\overset{n}{\mathrm{\Σ}}}{Z}_{\mathrm{ijk}}}{n}$

Wherein, n representes sample size, S _IkBe one 0 to 1 scalar value, the big more explanation of its value is under n group sample, and i index system obtains correct result on dimension k probability is bigger, promptly more stable.

Because the deviation under each sample is all by binaryzation,

In fact exactly can access the sample number of correct result, the stable S of index system i on dimension k _IkIn fact be exactly the sample shared ratio in all samples that obtains correct result.Can find out that the calculating method for stability that embodiments of the invention provide is very simple, can both understand, also can in a plurality of fields, generally be suitable for simultaneously for the domestic consumer of every field.

Can find out that by aforementioned stable property computational process an index system is very big in the influence that the stability on a certain dimension receives respectively to organize the similarity degree between sample: index system result of calculation maybe be different with the deviation of desired value when each sample differences is very big; Between same zone of acceptability, be mapped to { 0 through two-valued function down; The difference of 1} can be bigger, and each sample is bigger to the contribution of assessment indicator system stability like this.And the index system result of calculation that when each sample differences is little, obtains also can be more similar with the deviation of desired value, and this has little significance to the stability of estimating an index system.Therefore the stability of choosing for a certain dimension of assessment indicator system of test sample book also is vital.

In yet another embodiment, can before carrying out the correctness statistic procedure, carry out the sample sampling earlier.Shown in Figure 1 is the flow chart of an embodiment of network security index system calculating method for stability.At first carry out the sample sampling, the more correct assessment result about network safety situation of each dimension of index system is added up afterwards, and the correctness of index system on a certain dimension is mapped as 0,1 two value through two-valued function.Calculate the stability of target index system on each dimension then, after obtaining the stability of each dimension, calculate the whole stability of target index system.

Wherein, the method below adopting is carried out the sample sampling, supposes that the sample set on dimension k is D _k, D _kMiddle element number is N _k, D _kThe scope of middle element is [D _Kmin, D _Kmax], to interval [D _Kmin, D _Kmax] evenly being divided into the n section, every segment length does

D _kIn be distributed in each section sample form n sample subclass, in each subclass, randomly draw a sample as representative.Because initial sample number is N _k, be possibly not fall into sample in some subinterval after the n sub-interval with interval division, therefore last sample number is smaller or equal to n.The dimension k that is actually used in calculating like this goes up sample number and possibly be not quite similar for the sample number that extracts on

each dimension; But the difference degree on each dimension between each sample is similar, so each sample is suitable to the contribution of Calculation on stability.Make that through such processing the present invention's effect in practical application is more obvious, the contrast of each index system stability is more obvious, and this helps the user and between several index systems, makes a choice.Specific to certain field; Division for sample interval can also be adjusted according to the concrete regularity of distribution or to the influence of result of calculation; For example when result of calculation is directly proportional with the sample logarithm value, the sample distribution interval is evenly divided according to its logarithm value, as to [D _Kmin, D _Kmax] back [logD that is takes the logarithm _Kmin, logD _Kmax], should evenly be divided into the n section in the interval, every segment length does

Each sample evidence belongs in the different subsets between its logarithm value location.Taking this sample mode mainly is that sample is disperseed as far as possible, makes the contribution of each sample all reach maximum.In other embodiments, also can sample according to certain selected distribution.

Because the evaluation of stability mainly is to index system itself but not sample number and characteristic, can effectively eliminate the interference of sample distribution characteristic on the different dimensions with the Sample selection method of this segmentation sampling.

A like this _iStability as a result to dimension k is modified to:

$S_{\mathrm{ik}}=\frac{\underset{j=1}{\overset{\stackrel{\·}{n}}{\mathrm{\Σ}}}{Z}_{\mathrm{ijk}}}{\stackrel{\·}{n}}$

Since be not to adopt whole samples but sample, more reliable for making the result, but the stability on a certain dimension is calculated in multiple sampling, makes even all again.The number of times of sample calculation depends on total sample number N _kRatio with the segments n of appointment.

After obtaining the stability of each dimension, the stability that the evaluation objective index system is whole.Can obtain A through top method _iStability to each dimension result of calculation is S _i=[S _I1, S _I2... S _IL], calculating A _iComprehensive stability property the time, the weight of each dimension has been represented the importance of himself, adopts subjective tax power method to be that each dimension composes power here:

$W_k(1\≤k\≤L),\underset{k=1}{\overset{L}{\mathrm{\Σ}}}{W}_k=1$

A _iEstimation of stability be:

$S_i=\underset{k=1}{\overset{L}{\mathrm{\Σ}}}{W}_k{S}_k,$ This is one 0 to 1 a scalar value, and the comprehensive stability property on each dimension of big more this index system of expression of its value is high more, otherwise low more.

Why adopt subjective tax power method to be because different its each dimensions of index system has different significance; And different dimensions is different for user's significance level or user to its attention rate; The weight necessitative aspect reveals the difference of the importance between this each dimension, thereby can satisfy above-mentioned 2 points by the user to each dimension weight assignment.For the fairness between the comparison that guarantees each index system stability, must guarantee simultaneously each index system:

$\underset{k=1}{\overset{L}{\mathrm{\Σ}}}{W}_k=1$

This is the too strong and problem of being unfair property with regard to the subjective colo(u)r that prevented subjective tax power method and bring.

W _kAdopting subjective tax power method mainly is to consider that the otherness between each dimension possibly be difficult to quantize relatively, in order to be that reliability assessment has more universality and adopts subjective tax power method.In other embodiments, when other more accurate and objective tax power methods that can adopt those of ordinary skills to know when in form more similar between several dimensions.

In order to understand the present invention better; Be that example describes with two target index system A1 and A2 below; Wherein the source data quantization algorithm of A1 adopts extremum method, and index calculation method adopts weighted mean method, and the source data quantization algorithm of A2 adopts extremum method; Index calculation method adopts maximum value process, and A1, A2 are hierarchical network safety index systems.It is L=3 that A1 and A2 have three dimensions, is respectively Cyberthreat dimension index, network risks dimension exponential sum network foundation dimension index.Sample is made up of network security threats event number, network warning number, flow average, four fields of flowed fluctuation amplitude, has 5 groups of samples, and the value of each field is obtained by monitor data in the sample, and specifically data are as shown in table 1 is:

Table 1

Wherein, the average of security threat incident, safety alarm number, flow average, flowed fluctuation amplitude becomes positively related with result of calculation, and sample is divided according to common logarithm.For security threat event number and safety alarm number, its sample distribution scope is about [0,1000], gets common logarithm and then it is divided into five sections [0 for [0,3]; 0.6], [0.6,1.2], [1.2,1.8], [1.8,2.4], [2.4,3]; Multi-network security situation is generally relatively poor because the security threat event number is got over, and this also is the situation that the user relatively is concerned about, therefore, can also finely tune top interval division, makes the bigger section of numerical value divide thinner; It is following to obtain new division: [0,1], [1,1.7], [1.7,2.2], [2.2; 2.6], [2.6,3], above-mentioned section is divided according to being to get index in the end with 10, each interval becomes [10 ⁰, 10 ¹], [10 ¹, 10 ^1.7], [10 ^1.7, 10 ^2.2], [10 ^2.2, 10 ^2.6], [10 ^2.6, 10 ³], in this value of each section grab sample 10,30,100,300,1000.For similar values such as safety alarm number, flow average, flowed fluctuation amplitudes, do not stipulate for the order of each sample.

Table 1

Table 2 be in this example each dimension between the desired value and zone of acceptability under each sample, the desired value C of dimension 1 (Cyberthreat index) under sample 1 for example ₁Be 2.2, [a between its zone of acceptability ₁, b ₁] be [2.0,2.4]; Desired value C under sample 2 ₂Be 2.3, [a between its zone of acceptability ₂, b ₂] be [2,2.6]; Other all can and the like.

Table 3 Cyberthreat dimension result of calculation

Table 4 network risks dimension result of calculation

Table 2 network foundation dimension result of calculation

Table 3 is the Cyberthreat dimension result of calculation of two target index system A1 and A2.Table 4 is the network risks dimension result of calculation of two target index system A1 and A2.Table 5 is the network foundation dimension result of calculation of two target index system A1 and A2.For example, reference table 3, the Cyberthreat of index system A1 dimension is 1.4 at 1 time calculated value of sample, drops between zone of acceptability outside [2.0,2.2], thinks that the result is incorrect, is 0 after the binaryzation.Similarly the calculated value of A1 under other samples also carried out binaryzation and can obtain Cyberthreat dimension result of calculation correctness binaryzation result as shown in table 6.Similarly to A1, the calculated value of A2 under other each dimensions, each sample similarly the binaryzation result shown in table 7 and table 8.

Table 6 Cyberthreat dimension result of calculation correctness binaryzation

Table 7 network risks is tieed up real result of calculation correctness binaryzation

Table 8 network foundation dimension result of calculation correctness binaryzation

According to table 6,7,8 correctness statistics can calculate the stability of index system A1 on three dimensions and be respectively (3/5,2/5,2/5) promptly (0.6; 0.4,0,4), the stability of index system A2 on three dimensions is respectively (5/5; 1/5,2/5) promptly (1,0.2,0.4).

Then, compose the power method according to subjectivity three dimensions are composed weights: (W ₁W ₂W ₃)=(0.3 0.4 0.3), calculate the resistance to overturning of target index system.The stability of A1, A2 is respectively 0.46,0.5, explains that the stability of index system A1 is higher than A2.

Under laboratory environment; Utilize front network probe collection network initial data; Utilize index system A1, A2 Real-Time Evaluation network safety situation respectively; Formulate desired value according to the subjective feeling to network safety situation again, find index system A1 than the more network safety situation evaluation that obtains accord with expectation of A2, statistics is following under the laboratory environment:

Wherein high, normal, basic is that the network safety situation calculated value on average is divided into three sections from high to low, and the grade that obtains representes that calculated value is high-grade more high more.

Specific embodiment through preceding text can find out whether the method for estimating stability of multidimensional network safety index system provided by the present invention can both obtain the quality of an index system of angle assessment of correct assessment result from an index system under a plurality of different sample situation.For the rational evaluation of index system under the sequential environment or in the bigger environment of network source data movement effective method is provided.Especially the difference to different dimensions source data distribution characteristics adopts the mode of segmentation sampling to make that the evaluation of different dimensions stability is more fair and reasonable.And this method calculating is simple, is applicable to large-scale application.

Though the present invention is described through preferred embodiment, yet the present invention is not limited to described embodiment here, also comprises various changes and the variation done without departing from the present invention.

Claims (7)

1. A method for evaluating the stability of a multidimensional network security index system, said network security index system comprising L dimensions, said method comprising: Step 1) select n samples; Step 2) Calculate the calculation result Zi _ik of the kth dimension of the target index system under the i-th sample, 1≤i≤n, 1≤k≤L; Step 3) judging whether the calculation result is within an acceptable range, if within an acceptable range, mapping the calculation result Z _ik to 1, otherwise mapping the calculation result Z _ik to 0; Step 4) Calculate the stability S _k of the target index system on the k-th dimension, which should satisfy: $S_k=\frac{\underset{i=1}{\overset{\mathrm{no}}{\mathrm{\Σ}}}{Z}_{\mathrm{ik}}}{\mathrm{no}};$ Step 5) Calculate the overall stability S of the target index, which should satisfy:

in $\underset{k=1}{\overset{L}{\mathrm{\Σ}}}{W}_k=1.$ 2. The stability assessment method according to claim 1, wherein in step 2) calculating the k-th dimension of the target indicator system before the step of the calculation result under the i-sample also includes the n on the k-th dimension The step of sampling a sample, the sample includes different index items, and the sample abstraction includes the following steps: Select the maximum value D _min and the minimum value D _max from the same index item of n samples; Divide the sample interval [D _min , D _max ] into n interval segments, and the length of each interval segment is [D _min , D _max ]/n; Randomly draw a sample from each interval segment; Get the number of samples h used for calculation in the kth dimension, where h≤n; All index items of the sample are sampled according to the above steps. 3. the stability evaluation method according to claim 2, wherein, step 4) the stability _S on the kth dimension of the target index system is

1≤i≤h. 4. The stability assessment method according to claim 1, wherein the samples in step 1) are selected by the user according to the actual situation of the network or historical statistical data. 5. The stability assessment method according to claim 1, wherein step 3) the acceptable interval is set according to the granularity of network security situation division and user's own needs, or historical statistical data. 6. The stability evaluation method according to claim 1, wherein step 5) W _k is set by the user according to the importance of different dimensions to the user or the user's attention to it. 7. The stability evaluation method according to claim 2, wherein, when the calculation result is directly proportional to the sample logarithmic value, divide the sample interval [D _kmin , D _kmax ] after the logarithm, that is, to [logD _kmin , logD _kmax ] for uniform division.

Images