论文信息 - Multi-sensor Data Fusion for Cyber Security Situation Awareness

Multi-sensor Data Fusion for Cyber Security Situation Awareness

Abstract To analyze the influence of security incidents on a networked system and accurately evaluate system security, this paper proposes a novel cyber security situation assessment model, based on multi-heterogeneous sensors. By using D-S evidence theory, we fuse security data submitted from multi-sensors, according to the network topology and the importance of services and hosts. Moreover, we adopt the evaluation policy that from bottom to top and from local to global in this model. The evaluation of a simulated network indicates that the proposed approach is suitable for network environment, and the evaluation results are precise and efficient.

Yan Zhang | Shize Guo | Shuguang Huang | Junmao Zhu

[1] Yong Wei,et al. A Network Security Situational Awareness Model Based on Log Audit and Performance Correction: A Network Security Situational Awareness Model Based on Log Audit and Performance Correction , 2009 .

[2] Zhou Bing. Research on Network Security Situation Awareness System Architecture Based on Multi-source Heterogeneous Sensors , 2011 .

[3] Kari Sentz,et al. Combination of Evidence in Dempster-Shafer Theory , 2002 .

[4] Tan Xiao. Network Security Situation Awareness Approach Based on Markov Game Model , 2011 .

[5] Ying Liang,et al. Network security situation awareness based on heterogeneous multi-sensor data fusion and neural network , 2007 .

[6] Wei Yong. A Network Security Situational Awareness Model Based on Log Audit and Performance Correction , 2009 .

[7] Mica R. Endsley,et al. Design and Evaluation for Situation Awareness Enhancement , 1988 .

[8] Zhao Hong,et al. Network Security Situation Assessment Based on Data Fusion , 2008, First International Workshop on Knowledge Discovery and Data Mining (WKDD 2008).

[9] Gong Jian,et al. Intrusion Alert Correlation based on D-S Evidence Theory , 2007, 2007 Second International Conference on Communications and Networking in China.

[10] Chen Xiu. Quantitative Hierarchical Threat Evaluation Model for Network Security , 2006 .

[11] Tim Bass,et al. Intrusion detection systems and multisensor data fusion , 2000, CACM.