TY - GEN
T1 - A Network Security Situation Analysis framework based on information fusion
AU - Zhang, Songmei
AU - Yao, Shan
AU - Ye, Xin'En
AU - Xia, Chunhe
PY - 2011
Y1 - 2011
N2 - With the rapid development of the Internet, the network structure becomes larger and more complicated and attacking methods are more sophisticated, too. To enhance network security, Network Security Situation Analysis (NSSA) technology is a research hot spot in the network security domain. But at present, the NSSA framework and model which not only analyze the affected results of the network security but also the process how the network security is affected are less. In this paper, a novel NSSA framework is presented. The framework includes two parts: calculate the Network Security Situation Value (NSSV) and discover intrusion processes. NSSA quantitative assesses the impact on network security caused by attacks upon Analytical Hierarchy Process (AHP) and hierarchical network structure. Based on attack classification, intrusion processes discover the process how network security is affected. At last from the experiments results, NSSV exactly changes as attacks take place and the accurate intrusion processes are discovered. The applicability of the framework and algorithms are verified.
AB - With the rapid development of the Internet, the network structure becomes larger and more complicated and attacking methods are more sophisticated, too. To enhance network security, Network Security Situation Analysis (NSSA) technology is a research hot spot in the network security domain. But at present, the NSSA framework and model which not only analyze the affected results of the network security but also the process how the network security is affected are less. In this paper, a novel NSSA framework is presented. The framework includes two parts: calculate the Network Security Situation Value (NSSV) and discover intrusion processes. NSSA quantitative assesses the impact on network security caused by attacks upon Analytical Hierarchy Process (AHP) and hierarchical network structure. Based on attack classification, intrusion processes discover the process how network security is affected. At last from the experiments results, NSSV exactly changes as attacks take place and the accurate intrusion processes are discovered. The applicability of the framework and algorithms are verified.
KW - AHP
KW - Computer Network Defense
KW - attak classification
KW - network security situation Analysis
UR - https://www.scopus.com/pages/publications/80054753574
U2 - 10.1109/ITAIC.2011.6030216
DO - 10.1109/ITAIC.2011.6030216
M3 - 会议稿件
AN - SCOPUS:80054753574
SN - 9781424486236
T3 - Proceedings - 2011 6th IEEE Joint International Information Technology and Artificial Intelligence Conference, ITAIC 2011
SP - 326
EP - 332
BT - Proceedings - 2011 6th IEEE Joint International Information Technology and Artificial Intelligence Conference, ITAIC 2011
T2 - 2011 6th IEEE Joint International Information Technology and Artificial Intelligence Conference, ITAIC 2011
Y2 - 20 August 2011 through 22 August 2011
ER -