A network security situation evaluation method based on D-S evidence theory

Author

Qu, Zhao-Yang ; Li, Ya-Ying ; Peng Li

Author_Institution

Coll. of Inf. Eng., Northeast Dianli Univ., Jilin, China

Volume

2

fYear

2010

fDate

17-18 July 2010

Firstpage

496

Lastpage

499

Abstract

Considering the multi-source information lack of automation management, analysis and evaluation in network security field, a new network security situational evaluation model based on D-S evidence theory is proposed. This method fuses multi-source alarm information through D-S evidence theory, associates with nodes vulnerability information, integrates with the severity of threats, computes the value of network security situational assessment, and draws the security-situation-graph of network. Results of case analysis show that the novel algorithm can provide more objective and detailed extract situation information so that the security administrator may form a clearer picture for the whole network security situation.

Keywords

computer network security; inference mechanisms; D-S evidence theory; automation management; multisource alarm information; network security situation evaluation method; network security situational assessment; security situation graph; Algorithm design and analysis; Availability; Databases; Fires; Fuses; Security; Uncertainty; D-S evidence theory; network security; situation evaluation;

fLanguage

English

Publisher

ieee

Conference_Titel

Environmental Science and Information Application Technology (ESIAT), 2010 International Conference on

Conference_Location

Wuhan

Print_ISBN

978-1-4244-7387-8

Type

conf

DOI

10.1109/ESIAT.2010.5567380

Filename

5567380