Title :
Network security situation awareness model based on heterogeneous multi-sensor data fusion
Author :
Liu, Xiaowu ; Wang, Huiqiang ; Lai, Jibao ; Liang, Ying
Author_Institution :
Harbin Eng. Univ., Harbin
Abstract :
Network security situation awareness (NSSA) is an emerging technique in the Held of network security and it helps security analysts to be aware of the actual security situation of their networks. In this paper we presented a novel NSSA model based on multi-sensor data fusion and multi-class support vector machines. In our model, we adopted Snort and NetFlow as two sensors to gather data from network traffic. We employed multi-class support vector machines as fusion engine of our model in combination with an efficient feature reduction approach to fuse the gathered data from heterogeneous sensors. Furthermore, we discussed the alert aggregation algorithm and the security situation awareness generation techniques detailedly. Our model is proved to be feasible and effective through a series of experiments.
Keywords :
security of data; sensor fusion; support vector machines; NetFlow; Snort; heterogeneous multi-sensor data fusion; multi-class support vector machines; network security situation awareness model; network traffic; Data security; Engines; Fuses; Fusion power generation; Monitoring; Protection; Sensor fusion; Support vector machines; Telecommunication traffic; Traffic control;
Conference_Titel :
Computer and information sciences, 2007. iscis 2007. 22nd international symposium on
Conference_Location :
Ankara
Print_ISBN :
978-1-4244-1363-8
Electronic_ISBN :
978-1-4244-1364-5
DOI :
10.1109/ISCIS.2007.4456876
