Journal of Jilin University (Engineering and Technology Edition), 2013, Vol. 43, Issue (06): 1650-1657. doi: 10.7964/jdxbgxb201306035


Quantitative awareness of network security situation based on fusion

LIU Xiao-wu1, WANG Hui-qiang2, LYU Hong-wu2, AN Shu-zhao3   

  1. College of Computer Science, Qufu Normal University, Rizhao 276826, China;
  2. College of Computer Science and Technology, Harbin Engineering University, Harbin 150001, China;
  3. School of Information Engineering Technology, College of Qingdao Hismile, Qingdao 266100, China

  • Received: 2013-04-01; Online: 2013-11-01; Published: 2013-11-01

Abstract:

To address the problems of multi-source fusion and quantitative awareness in network security situation awareness, particle swarm optimization is applied to search for the exponent weights of data sources of differing reliability in D-S evidence fusion, and multi-source fusion is thereby obtained. Based on the fusion, an adaptive threat gene acquisition method is studied through discretization to normal distribution, and situation factor extraction is accomplished. Building on the fusion and factor extraction, a formal network security situation awareness method is proposed. This method can generate situation evolution curves at the service, host and network system levels. Simulation experiments show that the proposed fusion method can increase the detection rate and decrease the false detection rate. The formal quantitative method is able to track dynamic changes in the threat and meets the goal of monitoring the network effectively.

Key words: computer application, network security situation awareness, multi-source fusion, quantitative awareness

CLC Number: TP393.4

