Research and Implementation of Network Security Situation Evaluation based on Information Fusion
Securitvsituation evaluation has become a hot topic in the network securitv area in recent years.Considering the existing situational evaluation methods in network security research,we propose a network security situational evaluation system based on information fusion to obtain more accurate detection results,which fuses the security events from a mass of alarms into hyper-alert by a modified D-S evidence theory.In addition,we adopt Bayes network theory to acquire the corresponding successful attack support by matching specific attack threat and vulnerability information which network nodes have and successful attacks depend on.This paper quantifies the security situation assessment from multiple modules respectively for asset,vulnerability and threat,which are comprehensive integrated for security situation awareness.Finally an example of actual network data sets is given to valid ate the network security situational evaluation system.The results show that it is more effective than the existing security situational evaluation methods.
network security situation evaluation information fusion D-S evidence theory Bayes network theory
国内会议
湖北恩施
英文
1-15
2014-09-13(万方平台首次上网日期,不代表论文的发表时间)