Quantitative Evaluation Model of Network Security Situation Based on D-S Evidence Theory

Zhao, Zhongwei; Zhou, Tingting; Wang, Huan

doi:10.1109/dsa.2019.00057

Cited by 3 publications

(4 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To use the iForest anomaly detection method, it is necessary to determine the training sample size of the iTree in advance, that is, how many pieces of network data the iTree is constructed from, and the number of iTrees contained in the iForest [9]. The advantage of iForest algorithm in anomaly isolation is that it takes the features extracted from the data collected by the Internet of Things terminal as training samples and test samples.…”

Section: ( )mentioning

confidence: 99%

Design of heterogeneous network security device management platform based on multi-source data

Huang

Wang

et al. 2023

International Conference on Intelligent Systems, Communications, and Computer Networks (ISCCN 2023)

View full text Add to dashboard Cite

With the gradual expansion of network scale, network security problems caused by intrusion attacks and Trojan horse viruses follow. Network attacks are highly targeted and diverse. With a large number of Internet of Things devices in the power system connected to the Internet, the interaction of heterogeneous information and the rapid change of network structure drive the dynamic development of the Internet of Things environment. It further expands the attack surface that may be threatened, and constantly generates new weaknesses and threats. In this paper, a rule-based reasoning method for multi-source knowledge in the security of the Internet of Things was proposed. First, a description logic-based language to represent the classes in the model was adopted. Reasoning rules were designed to supplement the semantic representation ability of the description language, which is to realize the reasoning of implicit facts from multi-source heterogeneous knowledge and data in the security field of the Internet of Things. Compared with the entropy method, the model is proved to be effective in predicting the actual network security situation and has certain practical guiding significance for the actual network security management.

show abstract

Section: ( )mentioning

confidence: 99%

Design of heterogeneous network security device management platform based on multi-source data

Huang

Wang

et al. 2023

International Conference on Intelligent Systems, Communications, and Computer Networks (ISCCN 2023)

View full text Add to dashboard Cite

show abstract

“…The evidence theory and graph models are two of the most representative examples. Based on the evidence theory, for example, reference [6] proposed a network security threat situation assessment method based on unsupervised generation reasoning, which solves the shortcomings of high computational cost, time consuming and low efficiency of the supervised assessment method, and can more intuitively assess the overall situation of network threats; Reference [7] studied a network security situation assessment model based on DS evidence theory, which used principal component analysis (PCA) to preprocess the alarm data, adopted the improved DS evidence theory and combined the credibility of multi-source attack data to improve the alarm recognition rate. Based on the graph model, for example, reference [8] proposed a situation assessment method using the Seeker Optimization Algorithm to improve the hidden Markov model, which can more accurately assess the situation of network security, but there were irrelevant and false positive data in situation VOLUME XX, 2017 elements, which need further research on observation sequence; Reference [9] proposed a network security situation assessment method with Markov game model as the core and combined with four-level data fusion, which considered the interaction between attackers and defenders, so it was closer to reality and can assess the network security situation more accurately.…”

Section: ) Based On Knowledge Reasoningmentioning

confidence: 99%

“…Humpback whales not only move in a spiral manner, but also constantly narrow the search range. Therefore, assuming a 50% probability of switching between the contraction surrounding mechanism and the spiral model, the whale position is updated according to formulas ( 6) and (7).…”

Section: ) Spiral Predationmentioning

confidence: 99%

Network Security Situation Assessment Based on Improved WOA-SVM

et al. 2022

View full text Add to dashboard Cite

Network security situation assessment is an important means of understanding the current network security situation to provide a basis for taking security measures. To address the problem that the accuracy of existing network security situation assessment methods needs to be improved, this paper proposes a network security situation assessment method based on support vector machine (SVM) optimized by whale optimization algorithm (WOA) that is improved by adaptive weight (AW) combined with simulated annealing algorithm (SA). In this method, the SVM is embedded into the fitness function calculation of the improved WOA, and the global optimization characteristics of WOA are used to determine the optimal penalty parameter c and kernel function parameter g of the SVM. To solve the problem of the WOA being prone to falling into local extremum and slow convergence when solving large and complex data problems, an adaptive weight is used to adjust the whale position update coefficient, and a simulated annealing algorithm (SA) is used to increase random search factors to avoid falling into local extremum, so as to improve the global optimization ability. The experimental results show that this method is feasible, can assess the network security situation more accurately, and has better convergence than other assessment algorithms based on an improved SVM.

show abstract

“…Guo et al 31 adopted this method to evaluate the network security status and used it to analyze the possibility of DDoS attacks on the host. Zhao et al 32 adopted the D‐S evidence theory method combined with the credibility of multisource data to improve the alarm recognition rate of the security situation assessment model. Cheng et al 33 proposed a recommendation framework based on the improved D‐S evidence theory that integrates multiple information sources and minimizes the conflicts among the evidence.…”

Section: Introductionmentioning

confidence: 99%

Analyzing host security using D‐S evidence theory and multisource information fusion

Yao

Zhang

et al. 2020

Int J Intell Syst

View full text Add to dashboard Cite

Quantitative Evaluation Model of Network Security Situation Based on D-S Evidence Theory

Cited by 3 publications

References 6 publications

Design of heterogeneous network security device management platform based on multi-source data

Design of heterogeneous network security device management platform based on multi-source data

Network Security Situation Assessment Based on Improved WOA-SVM

Analyzing host security using D‐S evidence theory and multisource information fusion

Contact Info

Product

Resources

About