基于条件随机场的网络安全态势感知量化方法

2009 Fourth International Conference on Computer Sciences and Convergence Information Technology Pub Date : 2009-11-24 DOI:10.1109/ICCIT.2009.155

Jianping Li, Huiqiang Wang

{"title":"基于条件随机场的网络安全态势感知量化方法","authors":"Jianping Li, Huiqiang Wang","doi":"10.1109/ICCIT.2009.155","DOIUrl":null,"url":null,"abstract":"Network Security Situational Awareness(NSSA) has been a hot research spot in the network security domain. In this paper, a quantification method for NSSA based on conditional random fields(CRFs) was proposed. The data of network attacks from Intrusion Detection System (IDS), the hosts’ vulnerabilities and the hosts’ states were firstly combined as the network security factors. And then the network security threat degree was defined to quantify the risk of the whole network and classify the attacks. A diverse set of effective features were incorporated in CRFs Model. Finally the experiments on the DARPA 2000 data set generate the explicit network security situational graph. It proves that the method introduced in this paper can represent network risk more accurate and offer a good quantification for the network security situation.","PeriodicalId":112416,"journal":{"name":"2009 Fourth International Conference on Computer Sciences and Convergence Information Technology","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-11-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"A Quantification Method for Network Security Situational Awareness Based on Conditional Random Fields\",\"authors\":\"Jianping Li, Huiqiang Wang\",\"doi\":\"10.1109/ICCIT.2009.155\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Network Security Situational Awareness(NSSA) has been a hot research spot in the network security domain. In this paper, a quantification method for NSSA based on conditional random fields(CRFs) was proposed. The data of network attacks from Intrusion Detection System (IDS), the hosts’ vulnerabilities and the hosts’ states were firstly combined as the network security factors. And then the network security threat degree was defined to quantify the risk of the whole network and classify the attacks. A diverse set of effective features were incorporated in CRFs Model. Finally the experiments on the DARPA 2000 data set generate the explicit network security situational graph. It proves that the method introduced in this paper can represent network risk more accurate and offer a good quantification for the network security situation.\",\"PeriodicalId\":112416,\"journal\":{\"name\":\"2009 Fourth International Conference on Computer Sciences and Convergence Information Technology\",\"volume\":\"34 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-11-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 Fourth International Conference on Computer Sciences and Convergence Information Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCIT.2009.155\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Fourth International Conference on Computer Sciences and Convergence Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCIT.2009.155","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

网络安全态势感知(NSSA)一直是网络安全领域的研究热点。本文提出了一种基于条件随机场(CRFs)的NSSA量化方法。首先结合入侵检测系统(IDS)的网络攻击数据、主机的漏洞和主机的状态作为网络安全因素。然后定义网络安全威胁程度，量化整个网络的风险并对攻击进行分类。CRFs模型中包含了多种有效特征。最后在DARPA 2000数据集上进行实验，生成了明确的网络安全态势图。实践证明，本文提出的方法能够更准确地表示网络风险，对网络安全状况提供了较好的量化。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Quantification Method for Network Security Situational Awareness Based on Conditional Random Fields

Network Security Situational Awareness(NSSA) has been a hot research spot in the network security domain. In this paper, a quantification method for NSSA based on conditional random fields(CRFs) was proposed. The data of network attacks from Intrusion Detection System (IDS), the hosts’ vulnerabilities and the hosts’ states were firstly combined as the network security factors. And then the network security threat degree was defined to quantify the risk of the whole network and classify the attacks. A diverse set of effective features were incorporated in CRFs Model. Finally the experiments on the DARPA 2000 data set generate the explicit network security situational graph. It proves that the method introduced in this paper can represent network risk more accurate and offer a good quantification for the network security situation.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2009 Fourth International Conference on Computer Sciences and Convergence Information Technology

自引率

0.00%

发文量