论文信息 - A quantitative model for network security situation awareness based on immunity and grey theory

A quantitative model for network security situation awareness based on immunity and grey theory

To effectively evaluate and predict network security situation, a quantitative model for network security situation awareness based on artificial immune system and grey theory is proposed. In this model, the formal definitions of self, non-self, antigen and detector is given. According to the relationship between the antibody-concentration of memory detector and the attack intensity of network, network security situation evaluation sub-model based on artificial immune system is given. And to forecast the attack intensity that the current network faces in the next step, network situation predication sub-model based on grey theory is given. Experimental results exhibit that the proposed model provides a novel approach for network security situation awareness, and holds better characters of self-adaptability and real-time processing.

[1] Mica R. Endsley,et al. Design and Evaluation for Situation Awareness Enhancement , 1988 .

[2] Tim Bass,et al. Intrusion detection systems and multisensor data fusion , 2000, CACM.

[3] Stephanie Forrest,et al. Infect Recognize Destroy , 1996 .

[4] F. Azuaje. Artificial Immune Systems: A New Computational Intelligence Approach , 2003 .

[5] Tao Li,et al. An immunity based network security risk estimation , 2005, Science in China Series F: Information Sciences.

[6] Deng Julong,et al. Application of grey system theory in China , 1990, [1990] Proceedings. First International Symposium on Uncertainty Modeling and Analysis.

[7] T. Bass,et al. A glimpse into the future of id , 1999 .

[8] Wei Bao. Method of BX data producing for grey forecast and its application for enviornmental forecast , 2000 .

[9] Stephanie Forrest,et al. An immunological model of distributed detection and its application to computer security , 1999 .

[10] Jason Shifflet. A TECHNIQUE INDEPENDENT FUSION MODEL FOR NETWORK INTRUSION DETECTION , 2005 .