Title :
A novel stochastic modeling method for network security situational awareness
Author :
Liang, Y. ; Wang, H.Q. ; Cai, H.B. ; He, Y.J.
Author_Institution :
Harbin Eng. Univ., Harbin
Abstract :
Hidden Markov model (HMM) is used to model network security situational awareness (NSA). Distribution of abnormal behaviors in networked system and operational states of key network services are abstracted by Markov chains, modeling objects of the HMM´s dual stochastic processes are set up, and classic Baum-Welch algorithm is used to estimate the parameters of the established stochastic mathematical model, then the stochastic modeling for network security situational awareness based upon HMM is realized. The simulation experimental results in LAN show that the model can effectively analyze and validate network security situation, and it is a novel attempt in achieving network security situational awareness, which prompts the development of theoretical researches in the field of NSA at a certain degree.
Keywords :
hidden Markov models; local area networks; telecommunication security; Baum-Welch algorithm; LAN; Markov chains; dual stochastic processes; hidden Markov model; network security situational awareness; stochastic mathematical model; stochastic modeling method; Computer science; Computer security; Hidden Markov models; Industrial electronics; Information security; Intrusion detection; Mathematical model; Stochastic processes; Stochastic systems; Visualization;
Conference_Titel :
Industrial Electronics and Applications, 2008. ICIEA 2008. 3rd IEEE Conference on
Conference_Location :
Singapore
Print_ISBN :
978-1-4244-1717-9
Electronic_ISBN :
978-1-4244-1718-6
DOI :
10.1109/ICIEA.2008.4582951
