Multiclass Support Vector Machines Theory and Its Data Fusion Application in Network Security Situation Awareness
Network Security Situation Awareness (NSSA) is an emerging technique in the field of network security and helps administrators to monitor the actual security situation of their networks. This paper mainly focuses on NSSA based on heterogeneous multisensor data fusion. We presented a model which adopted Snort and NetFlow as sensors to gather data from real network traffic. We employed Support Vector Machines as the fusion engine of our model and used efficient feature reduction approach to fuse the gathered data from heterogeneous sensors. Furthermore, we discussed the alert aggregation and security awareness generation techniques detailedly. Our model is proved to be feasible and effective through a series of experiments.
NSSA Multi-sensor data fusion Support Vector Machines Feature reduction
Xiaowu Liu Huiqiang Wang Jibo Lai Ying Liang Xiaowu Liu Chunmei Yang
College of Computer Science and Technology Harbin Engineering University Harbin, China College of Computer Science and Technology Qufu Normal University Rizhao, China
国际会议
上海
英文
2007-09-21(万方平台首次上网日期,不代表论文的发表时间)