Title :
Security Evaluation Method Based on Host Resource Availability
Author :
Gao, Cuixia ; Li, Zhitang ; Song, Haigang
Author_Institution :
Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan, China
Abstract :
After analyzing malicious attacks against host that affect the host resource usage a method is presented to evaluate the security situation of host system based on host resource availability. A group of factors that can reflect the host resource availability features in a fixed time window are selected as the evaluation metrics. Based on the large samples, the information entropy gain method is applied to determine the importance of evaluation results for different metrics. Then by using analytic hierarchy process (AHP) method, the evaluation results are regarded as the normalized abnormality value to evaluate the host risk status. If the value of host risk status is larger than the threshold then an alert is triggered. Experiments show that this method can reasonably evaluate the host risk status caused by most of attacks.
Keywords :
decision making; decision theory; entropy; feature extraction; resource allocation; security of data; AHP method; alert triggering; analytic hierarchy process method; anomaly detection; feature selection; fixed time window; host resource availability; host resource usage; host risk status evaluation; host security evaluation system; information entropy gain method; intrusion detection; malicious attack; normalized abnormality value; Availability; Bandwidth; Computer science; Computer security; Data security; Information entropy; Information security; Intrusion detection; Multimedia systems; Risk analysis; anomaly detection; host resource usage; risk evaluation;
Conference_Titel :
Multimedia and Ubiquitous Engineering, 2009. MUE '09. Third International Conference on
Conference_Location :
Qingdao
Print_ISBN :
978-0-7695-3658-3
DOI :
10.1109/MUE.2009.88
