Network Security Situation Awareness Method Based on Multi-Source and Multi-Level Information Fusion

Abstract

Abstract:

Abstract： A comprehensive overall network security situation awareness framework was proposed, fully considering mul-information sources and multilevel information fusion, which can dynamically produce the current network security situation from the three dimensions, accurately reflect the current network security situation, and easily find the abnormal component. Besides, a “3σ rule” to discretize continuous random variable was proposed that can establish a Bayesian network suitable for dealing with uncertain information fusion, providing important guidance to theory and practice. Making full use of network instance data, the model and algorithm are verified and the results show that the method is correct.

Key words: information fusion, Bayesian network, security situation awareness, multi-information sources

CLC Number:

TP 393

WEN Zhicheng1,2,CHEN Zhigang1,DENG Xiaoheng1,LIU Anfeng1. Network Security Situation Awareness Method Based on Multi-Source and Multi-Level Information Fusion[J]. Journal of Shanghai Jiaotong University, 2015, 49(08): 1144-1152.

References

［1］Bass T. Multisensor data fusion for next generation distributed intrusion detection systems［C］∥Proceedings of the'99 IRIS National Symposium. on Sensor and Data Fusion. Laurel：IEEE， 1999：2427.

［2］GONG ZhengHu, ZHUO Ying. Research on cyberspace situational awareness［J］. Journal of Software，2010， 21(7)：16051619.

［3］Jeffrey M, Bradshaw, Marco Carvalho, et al. Sol: An agentbased framework for cyber situation awareness［J］. Künstl Intell, Springer， 2012(26)：127140.

［4］张海霞，苏璞睿，冯登国. 基于攻击能力增长的网络安全分析模型［J］. 计算机研究与发展， 2007，44(12)：20122019.

ZHANG Haixia, SU Purui, FENG Dengguo. Network security analysis model based on t he increase in attack ability［J］. Journal of Computer Research andDevelopment，2007，44(12)：20122019.

［5］韦勇，连一峰，冯登国. 基于信息融合的网络安全态势感知模型［J］. 计算机研究与发展，2009，46(3)：353362.

WEI Yong, LIAN Yifeng, FENG Dengguo. A network security situational awareness model based on information fusion［J］. Journal of Computer Research and Development， 2009，46(3)：353362.

［6］刘效武，王慧强，赖积保, 等. 基于多源异质融合的网络安全态势生成与评价［J］. 系统仿真学报，2010，22(6)：14111415.

LIU Xiaowu, WANG Huiqiang, LAI Jibao, et al. Network necurity situation generation and evaluation based on heterogeneous multisensor fusion［J］. Journal of System Simulation， 2010，22(6)：14111415.

［7］张勇, 谭小彬, 崔孝林, 等. 基于Markov博弈模型的网络安全态势感知方法［J］. 软件学报， 2011，22(3)：495508.

ZHANG Yong, TAN Xiaobin, CUI Xiaolin, et al. Network security situation awareness approach based on Markov game model［J］. Journal of Software，2011，22(3)：495508.

［8］LIU Sunjun, YU Le, YANG Jin. Research on network security situation awareness technology based on AIS［J］. International Journal of Knowledge and Language Processing， 2011，2(2)：2334.

［9］Thomas R, Christel B, Martin R, et al. Wireless security situation awareness with attack identification decision support［C］∥2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS). Paris：IEEE， 2011：144151.

［10］谢丽霞，王亚超，于巾博. 基于神经网络的网络安全态势感知［J］. 清华大学学报:自然科学版，2013，53(12)：17501760.

XIE Lixia, WANG Yachao, YU Jinbo. Network security situation awareness based on neural networks［J］. Journal Tsinghua University：Science & Technology，2013，53(12)：17501760.

［11］黄同庆，庄毅. 一种实时网络安全态势预测方法［J］. 小型微型计算机系统， 2014，35(2)： 303306.

HUANG Tongqing, ZHUANG Yi. An approach to realtime network security situation prediction［J］. Journal of Chinese Computer Systems，2014，35(2)：303306.

[1]	LI Dong (李栋), FAN Yulin (樊钰琳), L v Na (吕娜), CHEN Guodong∗ (陈国栋), WANG Zheng (王正), CHI Wenzheng (迟文政). Safety Protection Method of Rehabilitation Robot Based on fNIRS and RGB-D Information Fusion [J]. J Shanghai Jiaotong Univ Sci, 2022, 27(1): 45-54.
[2]	MA Guohong (马国红), LI Jian (李健), HE Yinshui (何银水), XIAO Wenbo (肖文波). Weld Geometry Monitoring for Metal Inert Gas Welding Process with Galvanized Steel Plates Using Bayesian Network [J]. J Shanghai Jiaotong Univ Sci, 2021, 26(2): 239-244.
[3]	CHEN Wu, WANG Hao, ZHANG Guohua, WANG Chengtang, ZHONG Guoqiang. Evaluation of Tunnel Collapse Susceptibility Based on T-S Fuzzy Fault Tree and Bayesian Network [J]. Journal of Shanghai Jiaotong University, 2020, 54(8): 820-830.
[4]	TONG Pengfei, CHEN Hao, XU Xinpeng, ZHOU Ge. Study on Information Fusion Technology of Multi-missile Multi-target Collaborative Detection [J]. Air & Space Defense, 2020, 3(3): 54-62.
[5]	LI Dan (李丹), WANG Hongdong (王鸿东), LIANG Xiaofeng *(梁晓锋). Bayesian Network Based Approach for Diagnosis of Modified Sequencing Batch Reactor [J]. Journal of Shanghai Jiao Tong University (Science), 2019, 24(4): 417-429.
[6]	ZHOU Beibei, LIU Jue. Application of Intelligent Technology in Precision Strike System [J]. Air & Space Defense, 2019, 2(3): 77-83.
[7]	SHUAI Yong1;2 (帅勇), SONG Tailiang3 (宋太亮), WANG Jianping1 (王建平), ZHAN Wenbin4 (詹文斌). Hybrid Reliability Parameter Selection Method Based on Text Mining, Frequent Pattern Growth algorithm and Fuzzy Bayesian Network [J]. Journal of Shanghai Jiao Tong University (Science), 2018, 23(3): 423-.
[8]	GAO Xiaoting,YANG Dongsheng. Research on Operation Condition Monitoring Method of Intellectual Apparatus Based on Data Driven [J]. Journal of Shanghai Jiaotong University, 2017, 51(9): 1104-1110.
[9]	XU Gongguo1* (徐公国), DUAN Xiusheng1 (段修生), LU Hao2 (吕豪). Target Priority Determination Methods by Interval-Valued Intuitionistic Fuzzy Sets with Unknown Attribute Weights [J]. Journal of shanghai Jiaotong University (Science), 2017, 22(5): 624-632.
[10]	GONG Pengwei1,FEI Yanqiong1, 3, SONG Libo2. Road Recognition Method of WheelTracked Robot Based on#br# Multisensor Information Fusion [J]. Journal of Shanghai Jiaotong University, 2017, 51(4): 398-.
[11]	SHANG Qun-li1 (尚群立), ZHANG Zhen2 (张镇), XU Xiao-bin2* (徐晓滨). Dynamic Fault Diagnosis Using the Improved Linear Evidence Updating Strategy [J]. Journal of shanghai Jiaotong University (Science), 2015, 20(4): 427-436.
[12]	REN Fang-yu (任方宇), SI Shu-bin* (司书宾), CAI Zhi-qiang (蔡志强), ZHANG Shuai (张帅). Transformer Fault Analysis Based on Bayesian Networks and Importance Measures [J]. Journal of shanghai Jiaotong University (Science), 2015, 20(3): 353-357.
[13]	WANG Lina1,2,HUANG Bin3,GAO Xiaoying2,KANG Guohua3,SUN Yongrong3. Fusion Filtering Method Guided by Measurement Information in Integrated Navigation System [J]. Journal of Shanghai Jiaotong University, 2015, 49(09): 1394-1399.
[14]	WANG Xiuqing1,HOU Zengguang2,ZENG Hui3,L Feng1,PAN Shiying1. Fault Diagnosis of Robots Based on Multi-Sensor Information Fusion [J]. Journal of Shanghai Jiaotong University, 2015, 49(06): 793-798.
[15]	WANG Jiajing1,2,ZHANG Zhusheng1,HE Weiping1. Identification of Tools with Failure Barcode Based on Multi-Information Fusion [J]. Journal of Shanghai Jiaotong University, 2014, 48(12): 1675-1680.