sesa 15(5): e4

Research Article

A improved Network Security Situation Awareness Model

  • @ARTICLE{10.4108/icst.mobimedia.2015.259032,
        author={Li Fangwei and Zhang Xinyue and Zhu Jiang and Wang Yan},
        title={A improved Network Security Situation Awareness Model},
        journal={EAI Endorsed Transactions on Security and Safety},
        volume={2},
        number={5},
        publisher={EAI},
        journal_a={SESA},
        year={2015},
        month={8},
        keywords={ddos evaluation, improved cvss, combined weights, sqp, dapra2000},
        doi={10.4108/icst.mobimedia.2015.259032}
    }
    
  • Li Fangwei
    Zhang Xinyue
    Zhu Jiang
    Wang Yan
    Year: 2015
    A improved Network Security Situation Awareness Model
    SESA
    EAI
    DOI: 10.4108/icst.mobimedia.2015.259032
Li Fangwei1, Zhang Xinyue1, Zhu Jiang1, Wang Yan1,*
  • 1: Chongqing University of Posts and Telecommunications
*Contact email: wangyan2250@sina.com

Abstract

To reflect the performance of network security situation assessment fully and accurately, a new network security situation awareness model based on information fusion was proposed. The network security situation is the result of fusing the evaluations of three aspects. In terms of attack, to improve the accuracy of evaluation, a situation assessment method for DDoS attacks based on data packet information was proposed. In terms of vulnerability, an improved Common Vulnerability Scoring System (CVSS) was introduced, which made the assessment more comprehensive. In terms of node weights, a method was proposed that calculates combined weights and optimizes the result with the Sequence Quadratic Program (SQP) algorithm, which reduced the uncertainty of fusion. To verify the validity and necessity of the method, a testing platform was built and used to evaluate the 2000 DARPA data sets. Experiments show that the method can improve the accuracy of evaluation results.