{"title":"Quantitative Evaluation Model of Network Security Situation Based on D-S Evidence Theory","authors":"Zhongwei Zhao, Tingting Zhou, Huan Wang","doi":"10.1109/DSA.2019.00057","DOIUrl":null,"url":null,"abstract":"This paper studies a network security situation assessment model based on D-S evidence theory for the problems that the assessment information source is too single and the accuracy deviation is too large in the situation awareness system. First, the model uses PCA to pre-process the alarm data to shorten the alarm processing time; secondly, it uses the improved DS evidence theory to combine the credibility of multi-source attack data and improve the alarm recognition rate; thirdly, by constructing three kinds of situation assessment indicators of vulnerability, threat and assets, it quantifies the situation component and improves the accuracy of the perception; fourthly, it also uses the weighted average method to synthesize the situation component; finally, the model and algorithm are verified by using network instance data and the results show the correctness of the method.","PeriodicalId":342719,"journal":{"name":"2019 6th International Conference on Dependable Systems and Their Applications (DSA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 6th International Conference on Dependable Systems and Their Applications (DSA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSA.2019.00057","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Quantitative Evaluation Model of Network Security Situation Based on D-S Evidence Theory
This paper studies a network security situation assessment model based on D-S evidence theory, addressing two problems in situation awareness systems: the assessment information source is too narrow, and the accuracy deviation is too large. First, the model uses PCA to pre-process the alarm data, shortening the alarm processing time. Second, it uses the improved D-S evidence theory to combine the credibility of multi-source attack data and improve the alarm recognition rate. Third, by constructing three kinds of situation assessment indicators (vulnerability, threat and assets), it quantifies the situation components and improves the accuracy of perception. Fourth, it uses the weighted average method to synthesize the situation components. Finally, the model and algorithm are verified using network instance data, and the results show the correctness of the method.