Research on Network Security Situation Assessment Model Based on Fuzzy Hierarchy
Conference: ICMLCA 2021 - 2nd International Conference on Machine Learning and Computer Application
12/17/2021 - 12/19/2021 at Shenyang, China
Proceedings: ICMLCA 2021
Pages: 4Language: englishTyp: PDF
Personal VDE Members are entitled to a 10% discount on this title
Authors:
Wu, Tong; Tan, Xiaobo (School of Information Technology and Engineering, Shenyang Ligong University, ShenYang, China)
Abstract:
Situation assessment has a very important position and role in the research of network security situation awareness, and it provides an important basis for subsequent Internet security situation prediction models. The traditional hierarchical network security situation assessment model is overly dependent on IDS (Intrusion Detection System) in the assessment process. In the process of evaluating and calculating services, hosts and network systems, it is completely based on the statistics of IDS, and there is a lack of analysis and evaluation of the links between various alarm elements, which makes the evaluation results inaccurate. In order to solve the above problems, on the basis of obtaining network environment information, the result of the alarm matching process is first used to measure the value of the alarm success rate. Then, it analyzed the neglected alarm elements in the traditional evaluation model. That are: analyze the alarm threat, alarm success rate, and alarm cycle. Because the relationship between the three is complicated, it cannot be explained by a simple linear relationship. Therefore, the non-linear condition between factors is satisfied by constructing reasonable fuzzy rules and inference methods. Finally, based on the previous calculations, the service-level, host-level, and system-level evaluation values are obtained.