DocumentCode
3585485
Title
Network Security Situation Elements Fusion Method Based on Ontology
Author
Cheng Si ; Hongqi Zhang ; Yongwei Wang ; Jiang Liu
Author_Institution
Zhengzhou Inf. Sci. & Technol. Inst., Zhengzhou, China
Volume
2
fYear
2014
Firstpage
272
Lastpage
275
Abstract
As current research cannot solve the problem of describing multi-source heterogeneous network security situation elements uniformly, a network security situation elements fusion method based on ontology is proposed. Firstly, a fusion model is constructed which contains network environment, network vulnerability, network attack, network security incident and sensor as key classes. Secondly, three fusion rules, covering alert aggregation, alert verification and attack session reconstruction, are formulated using Semantic Query-enhanced Web Rule Language. Finally, the application example shows that the method can make situation elements uniformly described. The security situation information has higher complementarity and lower redundancy, which achieves a better fusion effect.
Keywords
computer network security; ontologies (artificial intelligence); semantic Web; sensor fusion; alert aggregation; alert verification; attack session reconstruction; network attack; network environment; network security incident; network security situation element fusion method; network sensor; network vulnerability; ontology; semantic query-enhanced Web rule language; Communication networks; Fuses; OWL; Ontologies; Redundancy; Security; Semantics; fusion; network security situation; ontology; rule;
fLanguage
English
Publisher
ieee
Conference_Titel
Computational Intelligence and Design (ISCID), 2014 Seventh International Symposium on
Print_ISBN
978-1-4799-7004-9
Type
conf
DOI
10.1109/ISCID.2014.132
Filename
7081987