Hierarchical network threat situation assessment method for DDoS based on D-S evidence theory

2017 IEEE International Conference on Intelligence and Security Informatics (ISI) Pub Date : 2017-07-22 DOI:10.1109/ISI.2017.8004873

Liu Zihao, Zhang Bin, Zhuo Ning, Li Lixun

{"title":"Hierarchical network threat situation assessment method for DDoS based on D-S evidence theory","authors":"Liu Zihao, Zhang Bin, Zhuo Ning, Li Lixun","doi":"10.1109/ISI.2017.8004873","DOIUrl":null,"url":null,"abstract":"In order to effectively evaluate the impact on network situation under DDoS attacks, this paper proposes a hierarchical network threat situation assessment method based on D-S evidence theory for DDoS. It is divided into the basic data acquisition layer, the metric indexes extraction layer, the device threat assessment layer and the threat situation assessment layer. Firstly, we calculate indexes that represent degrees of host resources consumption and qualities of network from the basic running data. Next, the D-S evidence theory is used to fuse above indexes, which assesses impact on the network of each device caused by DDoS attacks. Then, on the basis of service importance principle, we calculate the weight value of each device in the network. Furthermore, the threat situation value is obtained through weighted algorithm. Finally, experimental results show that the proposed method can vividly reflect the impact of DDoS attacks on the network security threat situation. Keywords-component; DDoS attack; hierarchical; threat situation assessment; D-S theory; service importance principle","PeriodicalId":423696,"journal":{"name":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE International Conference on Intelligence and Security Informatics (ISI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISI.2017.8004873","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

In order to effectively evaluate the impact on network situation under DDoS attacks, this paper proposes a hierarchical network threat situation assessment method based on D-S evidence theory for DDoS. It is divided into the basic data acquisition layer, the metric indexes extraction layer, the device threat assessment layer and the threat situation assessment layer. Firstly, we calculate indexes that represent degrees of host resources consumption and qualities of network from the basic running data. Next, the D-S evidence theory is used to fuse above indexes, which assesses impact on the network of each device caused by DDoS attacks. Then, on the basis of service importance principle, we calculate the weight value of each device in the network. Furthermore, the threat situation value is obtained through weighted algorithm. Finally, experimental results show that the proposed method can vividly reflect the impact of DDoS attacks on the network security threat situation. Keywords-component; DDoS attack; hierarchical; threat situation assessment; D-S theory; service importance principle

查看原文本刊更多论文

基于D-S证据理论的DDoS分层网络威胁态势评估方法

为了有效评估DDoS攻击对网络态势的影响，本文提出了一种基于D-S证据理论的DDoS分层网络威胁态势评估方法。它分为基础数据采集层、度量指标提取层、设备威胁评估层和威胁态势评估层。首先，从基本运行数据中计算表征主机资源消耗程度和网络质量的指标;接下来，利用D-S证据理论对上述指标进行融合，评估DDoS攻击对各设备网络的影响。然后，根据业务重要性原则，计算出网络中各设备的权重值。在此基础上，通过加权算法得到威胁态势值。最后，实验结果表明，本文提出的方法能够形象地反映DDoS攻击对网络安全威胁的影响情况。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2017 IEEE International Conference on Intelligence and Security Informatics (ISI)

自引率

0.00%

发文量