Title :
Network Security Situation Elements Fusion Method Based on Ontology
Author :
Cheng Si ; Hongqi Zhang ; Yongwei Wang ; Jiang Liu
Author_Institution :
Zhengzhou Inf. Sci. & Technol. Inst., Zhengzhou, China
Abstract :
As current research cannot describe multi-source heterogeneous network security situation elements uniformly, a network security situation elements fusion method based on ontology is proposed. First, a fusion model is constructed with network environment, network vulnerability, network attack, network security incident and sensor as its key classes. Second, three fusion rules, covering alert aggregation, alert verification and attack session reconstruction, are formulated using Semantic Query-enhanced Web Rule Language. Finally, the application example shows that the method describes situation elements uniformly. Security situation information has higher complementarity and lower redundancy, which achieves a better fusion effect.
Keywords :
computer network security; ontologies (artificial intelligence); semantic Web; sensor fusion; alert aggregation; alert verification; attack session reconstruction; network attack; network environment; network security incident; network security situation element fusion method; network sensor; network vulnerability; ontology; semantic query-enhanced Web rule language; Communication networks; Fuses; OWL; Ontologies; Redundancy; Security; Semantics; fusion; network security situation; ontology; rule;
Conference_Title :
Computational Intelligence and Design (ISCID), 2014 Seventh International Symposium on
Print_ISBN :
978-1-4799-7004-9
DOI :
10.1109/ISCID.2014.132