Research on Network Security Situation Assessment and Quantification Method Based on Analytic Hierarchy Process

Wang, Huan; Chen, Zhanfang; Feng, Xia‐Ting; Di, Xiaoqiang; Liu, Dan; Zhao, Jianping; Xin, Shihe

doi:10.1007/s11277-017-5202-3

Cited by 35 publications

(17 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They applied risk assessment techniques to calculate attack risk levels for a specific entity and offer some countermeasures for individual attack sequences. Similarly, H. Wang et al in [ 30 ] utilized a quantification method to enhance cyber-situational awareness. Analytic hierarchy process [ 31 , 32 ], along with D-S evidence theory [ 33 ], was utilized to fuse multi-source data, and eventually streamline the cyber-situational assessment process.…”

Section: State Of the Artmentioning

confidence: 99%

Towards a Machine Learning Based Situational Awareness Framework for Cybersecurity: An SDN Implementation

Nikoloudakis

Kefaloukos

Stylianos

et al. 2021

Sensors

View full text Add to dashboard Cite

The ever-increasing number of internet-connected devices, along with the continuous evolution of cyber-attacks, in terms of volume and ingenuity, has led to a widened cyber-threat landscape, rendering infrastructures prone to malicious attacks. Towards addressing systems’ vulnerabilities and alleviating the impact of these threats, this paper presents a machine learning based situational awareness framework that detects existing and newly introduced network-enabled entities, utilizing the real-time awareness feature provided by the SDN paradigm, assesses them against known vulnerabilities, and assigns them to a connectivity-appropriate network slice. The assessed entities are continuously monitored by an ML-based IDS, which is trained with an enhanced dataset. Our endeavor aims to demonstrate that a neural network, trained with heterogeneous data stemming from the operational environment (common vulnerability enumeration IDs that correlate attacks with existing vulnerabilities), can achieve more accurate prediction rates than a conventional one, thus addressing some aspects of the situational awareness paradigm. The proposed framework was evaluated within a real-life environment and the results revealed an increase of more than 4% in the overall prediction accuracy.

show abstract

Section: State Of the Artmentioning

confidence: 99%

Towards a Machine Learning Based Situational Awareness Framework for Cybersecurity: An SDN Implementation

Nikoloudakis

Kefaloukos

Stylianos

et al. 2021

Sensors

View full text Add to dashboard Cite

show abstract

“…Yang et al [8] proposed a cloud computing risk assessment model that used the Markov chain (MC) model to describe the random risk environment and measured the risk value through information entropy (IE). Wang et al [9] combined the analytic hierarchy process (AHP) with the hierarchical model of situational assessment and integrated the fuzzy results of multisource equipment with D-S evidence theory to solve the problem of single information source and large deviation of accuracy. Because the evaluation method based on the mathematical model is greatly influenced by subjective factors and there is no objective and unified standard definition variable, it is usually unable to achieve relatively perfect evaluation results.…”

Section: Related Workmentioning

confidence: 99%

An Unsupervised Learning-Based Network Threat Situation Assessment Model for Internet of Things

Yang

Zeng

Wang

et al. 2020

Security and Communication Networks

View full text Add to dashboard Cite

With the wide application of network technology, the Internet of Things (IoT) systems are facing the increasingly serious situation of network threats; the network threat situation assessment becomes an important approach to solve these problems. Aiming at the traditional methods based on data category tag that has high modeling cost and low efficiency in the network threat situation assessment, this paper proposes a network threat situation assessment model based on unsupervised learning for IoT. Firstly, we combine the encoder of variational autoencoder (VAE) and the discriminator of generative adversarial networks (GAN) to form the V-G network. Then, we obtain the reconstruction error of each layer network by training the network collection layer of the V-G network with normal network traffic. Besides, we conduct the reconstruction error learning by the 3-layer variational autoencoder of the output layer and calculate the abnormal threshold of the training. Moreover, we carry out the group threat testing with the test dataset containing abnormal network traffic and calculate the threat probability of each test group. Finally, we obtain the threat situation value (TSV) according to the threat probability and the threat impact. The simulation results show that, compared with the other methods, this proposed method can evaluate the overall situation of network security threat more intuitively and has a stronger characterization ability for network threats.

show abstract

“…Wang et al [6] designed a hierarchical NSSA method based on an analytic hierarchy process (AHP), which used the hierarchical cyber threat situation assessment (CSA) indicator system constructed by AHP to decide the network threat weight values. Wang et al [7] proposed an AHPbased NSSA and quantification method, which utilized the AHP and hierarchical situation assessment model to simplify the NSSA problem. Li et al [8] adopted fuzzy optimal clustering criteria combined with c-means clustering to process the indicator data, thus getting the number of clusters and the optimal clustering center.…”

Section: Introductionmentioning

confidence: 99%

An Efficient Network Security Situation Assessment Method Based on AE and PMU

Tao

Liu

Yang

2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Network security situation assessment (NSSA) is an important and effective active defense technology in the field of network security situation awareness. By analyzing the historical network security situation awareness data, NSSA can evaluate the network security threat and analyze the network attack stage, thus fully grasping the overall network security situation. With the rapid development of 5G, cloud computing, and Internet of things, the network environment is increasingly complex, resulting in diversity and randomness of network threats, which directly determine the accuracy and the universality of NSSA methods. Meanwhile, the indicator data is characterized by large scale and heterogeneity, which seriously affect the efficiency of the NSSA methods. In this paper, we design a new NSSA method based on the autoencoder (AE) and parsimonious memory unit (PMU). In our novel method, we first utilize an AE-based data dimensionality reduction method to process the original indicator data, thus effectively removing the redundant part of the indicator data. Subsequently, we adopt a PMU deep neural network to achieve accurate and efficient NSSA. The experimental results demonstrate that the accuracy and efficiency of our novel method are both greatly improved.

show abstract

Research on Network Security Situation Assessment and Quantification Method Based on Analytic Hierarchy Process

Cited by 35 publications

References 11 publications

Towards a Machine Learning Based Situational Awareness Framework for Cybersecurity: An SDN Implementation

Towards a Machine Learning Based Situational Awareness Framework for Cybersecurity: An SDN Implementation

An Unsupervised Learning-Based Network Threat Situation Assessment Model for Internet of Things

An Efficient Network Security Situation Assessment Method Based on AE and PMU

Contact Info

Product

Resources

About