An Efficient Network Security Situation Assessment Method Based on AE and PMU

Wireless Communications and Mobile Computing ◽

10.1155/2021/1173065 ◽

2021 ◽

Vol 2021 ◽

pp. 1-9

Author(s):

Xiao-ling Tao ◽

Zi-yi Liu ◽

Chang-song Yang

Keyword(s):

Network Security ◽

Situation Awareness ◽

Large Scale ◽

Rapid Development ◽

Assessment Method ◽

Security Threat ◽

Situation Assessment ◽

Network Attack ◽

Novel Method ◽

Indicator Data

Network security situation assessment (NSSA) is an important and effective active defense technology in the field of network security situation awareness. By analyzing the historical network security situation awareness data, NSSA can evaluate the network security threat and analyze the network attack stage, thus fully grasping the overall network security situation. With the rapid development of 5G, cloud computing, and Internet of things, the network environment is increasingly complex, resulting in diversity and randomness of network threats, which directly determine the accuracy and the universality of NSSA methods. Meanwhile, the indicator data is characterized by large scale and heterogeneity, which seriously affect the efficiency of the NSSA methods. In this paper, we design a new NSSA method based on the autoencoder (AE) and parsimonious memory unit (PMU). In our novel method, we first utilize an AE-based data dimensionality reduction method to process the original indicator data, thus effectively removing the redundant part of the indicator data. Subsequently, we adopt a PMU deep neural network to achieve accurate and efficient NSSA. The experimental results demonstrate that the accuracy and efficiency of our novel method are both greatly improved.

Rapid Development of Adaptable Situation-Aware Service-based Systems

Advances in Web Services Research - Web Services Research for Emerging Applications ◽

10.4018/978-1-61520-684-1.ch006 ◽

2010 ◽

pp. 104-139 ◽

Cited By ~ 1

Author(s):

S.S. Yau ◽

S. Mukhopadhyay ◽

H. Davulcu ◽

D. Huang ◽

R. Bharadwaj ◽

...

Keyword(s):

Distributed Control ◽

Homeland Security ◽

Situation Awareness ◽

Service Composition ◽

Large Scale ◽

Rapid Development ◽

Control Flow ◽

Agent Platform ◽

Service Oriented ◽

Adaptive Workflows

Service-based systems have many applications, such as collaborative research and development, e-business, health care, military applications and homeland security. In these systems, it is necessary to provide users the capability of composing appropriate services into workflows offering higher-level functionality based on declaratively specified goals. In a large-scale and dynamic service-oriented computing environment, it is desirable that the service composition is automated and situation-aware so that robust and adaptive workflows can be generated. However, existing languages for web services are not expressive enough to model services with situation awareness (SAW) and side effects. This chapter presents an approach to rapid development of adaptable situation-aware service-based systems. This approach is based on the a-logic and a-calculus, and a declarative model for SAW. This approach consists of four major components: (1) analyzing SAW requirements using our declarative model for SAW, (2) translating the model representation to a-logic specifications and specifying a control flow graph in a-logic as the goal for situation-aware service composition., (3) automated synthesis of a-calculus terms that define situation-aware workflow agents for situation-aware service composition, and (4) compilation of a-calculus terms to executable components on an agent platform. An example of applying our framework in developing a distributed control system for intelligently and reliably managing a power grid is given.

Hierarchical Quantitative Assessment Method of Network Security Threat Situation

10.1145/3482632.3487515 ◽

2021 ◽

Author(s):

Xinlin Liu ◽

Wei Deng ◽

Ping Huang

Keyword(s):

Network Security ◽

Quantitative Assessment ◽

Assessment Method ◽

Security Threat ◽

Threat Situation

A Novel Method of Network Security Situation Assessment Based on Evidential Network

Machine Learning for Cyber Security - Lecture Notes in Computer Science ◽

10.1007/978-3-030-62223-7_46 ◽

2020 ◽

pp. 530-539

Author(s):

Xiang Li ◽

Xinyang Deng ◽

Wen Jiang

Keyword(s):

Network Security ◽

Situation Assessment ◽

Novel Method ◽

Evidential Network

An efficient method for network security situation assessment

International Journal of Distributed Sensor Networks ◽

10.1177/1550147720971517 ◽

2020 ◽

Vol 16 (11) ◽

pp. 155014772097151

Author(s):

Xiaoling Tao ◽

Kaichuan Kong ◽

Feng Zhao ◽

Siyan Cheng ◽

Sufang Wang

Keyword(s):

Neural Network ◽

Network Security ◽

Data Storage ◽

Input Data ◽

Back Propagation ◽

Back Propagation Neural Network ◽

Assessment Method ◽

Trend Prediction ◽

Situation Assessment ◽

Situational Assessment

Network security situational assessment, the core task of network security situational awareness, can obtain security situation by comprehensively analyzing various factors that affect network status. Thus, network security situational assessment can provide accurate security state evaluation and security trend prediction for users. Although plenty of network security situational assessment methods have been proposed, there are still many problems to solve. First, because of high dimensionality of input data, computational complexity in model construction could be very high. Moreover, most of the existing schemes trade computational overhead for accuracy. Second, due to the lack of centralized standard, the weights of indicators are usually determined empirically or by subjective opinions of domain expert. To solve the above problems, we propose a novel network security situation assessment method based on stack autoencoding network and back propagation neural network. In stack autoencoding network and back propagation neural network, to reduce the data storage overhead and improve computational efficiency, we use stack autoencoding network to reduce the dimensions of the indicator data. And the low-dimensional data output by hidden layer of stack autoencoding network will be the input data of the error back propagation neural network. Then, the back propagation neural network algorithm is adopted to perform network security situation assessment. Finally, extensive experiments are conducted to verify the effectiveness of the proposed method.

A Quantitative Network Situation Assessment Method Based on Stochastic Model

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.513-517.768 ◽

2014 ◽

Vol 513-517 ◽

pp. 768-771

Author(s):

Bo Yun Zhang

Keyword(s):

Network Security ◽

Stochastic Model ◽

Evaluation System ◽

Evaluation Method ◽

Assessment Method ◽

Security Evaluation ◽

Network Systems ◽

Situation Assessment ◽

Network Defense ◽

State Duration

This paper describes the basic models of network security state evaluation system and concentrates on researching the situation assessment method with stochastic model. In the paper, which makes use of the Hidden Semi-Markov Model (HsMM), tries to simulate the operation of network system. The alert statistics, deriving from network defense system, is used as data sources to realize the evaluation of network security situation. HsMM modifies the HMM model concerning the hypothesis of some state-duration time in relation to exponential distribution, which coincides the description of the network systems operation in the real world. The experimental results imply that HsMM is an ideal security evaluation method.

Research on situation awareness of network security assessment based on dempster-shafer

MATEC Web of Conferences ◽

10.1051/matecconf/202030902004 ◽

2020 ◽

Vol 309 ◽

pp. 02004 ◽

Cited By ~ 1

Author(s):

Weifa Zheng

Keyword(s):

Network Security ◽

Situation Awareness ◽

Evaluation Model ◽

Evidence Theory ◽

Security Assessment ◽

Situation Assessment ◽

Network Intrusion ◽

Event Information ◽

Multi Attribute Decision Making ◽

Security Device

There are a lot of uncertainties in the network security situation assessment that depends on is multi-source and heterogeneous. Therefore, the objective uncertainties must be described and dealt with in the process of network security situation assessment. This paper proposes a multi-attribute decision-making trust evaluation model based on D-S evidence theory in multi-source and heterogeneous environment. By collecting, processing and evaluating attack event information from many data sources of security device, it can effectively evaluate the possibility of network intrusion, and provide a new exploration for network security situation assessment.

Vehicle Network Security Situation Assessment Method Based on Attack Tree

IOP Conference Series Earth and Environmental Science ◽

10.1088/1755-1315/428/1/012021 ◽

2020 ◽

Vol 428 ◽

pp. 012021

Author(s):

Ruxiang Li ◽

Fei Li ◽

Jiayan Zhang

Keyword(s):

Network Security ◽

Assessment Method ◽

Situation Assessment ◽

Attack Tree ◽

Vehicle Network

A network security situation assessment method based on attack intention perception

2016 2nd IEEE International Conference on Computer and Communications (ICCC) ◽

10.1109/compcomm.2016.7924882 ◽

2016 ◽

Cited By ~ 4

Author(s):

Kou Guang ◽

Tang Guangming ◽

Ding Xia ◽

Wang Shuo ◽

Wang Kun

Keyword(s):

Network Security ◽

Assessment Method ◽

Situation Assessment

Network Security Situation Assessment Method Based on Markov Game Model

KSII Transactions on Internet and Information Systems ◽

10.3837/tiis.2018.05.027 ◽

2018 ◽

Vol 12 (5) ◽

Keyword(s):

Network Security ◽

Assessment Method ◽

Game Model ◽

Situation Assessment ◽

Markov Game

Application of Network Security Event Correlation Analysis and Situation Evaluation Technology

Forest Chemicals Review ◽

10.17762/jfcr.vi.201 ◽

2021 ◽

pp. 207-214

Author(s):

Yu Qing

Keyword(s):

Support Vector Machine ◽

Particle Swarm Optimization ◽

Network Security ◽

Correlation Analysis ◽

Situation Awareness ◽

Evaluation Method ◽

Particle Swarm ◽

Support Vector ◽

Situation Assessment ◽

Swarm Optimization

Network security situational awareness can integrate all aspects of network security elements. Through correlation analysis, information fusion, situation prediction and other technologies to realize the intelligent analysis and comprehensive decision-making of complex information systems, network security situation awareness can improve the management efficiency and effect of complex networks. In order to solve the problem of parameter optimization of existing situation assessment methods, the parameters of SVM model are optimized based on Particle Swarm Optimization PSO algorithm. This paper presents a network security situation assessment method based on PSO and SVM. Using this algorithm can get a better balance between time-consuming and improving accuracy. At the same time, the index weight is determined according to grey correlation analysis, and the training samples are input to support vector machine for training. In this paper, the improved particle swarm optimization algorithm is used to optimize the parameters of support vector machine to improve the effect of situation assessment. Simulation test results show that the evaluation method improves the effectiveness and accuracy of situation assessment.