Title :
A network security situation evaluation method based on D-S evidence theory
Author :
Qu, Zhao-Yang ; Li, Ya-Ying ; Peng Li
Author_Institution :
Coll. of Inf. Eng., Northeast Dianli Univ., Jilin, China
Abstract :
Considering the multi-source information lack of automation management, analysis and evaluation in network security field, a new network security situational evaluation model based on D-S evidence theory is proposed. This method fuses multi-source alarm information through D-S evidence theory, associates with nodes vulnerability information, integrates with the severity of threats, computes the value of network security situational assessment, and draws the security-situation-graph of network. Results of case analysis show that the novel algorithm can provide more objective and detailed extract situation information so that the security administrator may form a clearer picture for the whole network security situation.
Keywords :
computer network security; inference mechanisms; D-S evidence theory; automation management; multisource alarm information; network security situation evaluation method; network security situational assessment; security situation graph; Algorithm design and analysis; Availability; Databases; Fires; Fuses; Security; Uncertainty; D-S evidence theory; network security; situation evaluation;
Conference_Titel :
Environmental Science and Information Application Technology (ESIAT), 2010 International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-7387-8
DOI :
10.1109/ESIAT.2010.5567380
