2018 2nd annual International Conference on Cloud Technology and Communication Engineering
A Multi-source Alarm Information Fusion Processing Method for Network Attack Situation
Computer science; Radio electronics
Du, Jiawei^1 ; Guo, Ronghua^1 ; Suo, Guowei^1 ; Zhang, Xing^1
LEETC, Zhoushan Road 17#, Luoyang City, Henan Province, China^1
Keywords: Association analysis; Attribute similarity; D-S evidence theory; Network security situations; Security equipments; Security situational awareness; Supporting technology; Vulnerability informations
Others: https://iopscience.iop.org/article/10.1088/1757-899X/466/1/012050/pdf
DOI: 10.1088/1757-899X/466/1/012050
Subject classification: Computer science (general)
Source: IOP
【 Abstract 】
Data fusion technology is one of the key supporting technologies for network security situational awareness. This paper studies a multi-source alarm information fusion processing method, analyzes the level of network security situation perception data processing, and gives the process for handling data with data fusion technology. Taking the alarm information of network security equipment as the data source, it puts forward three ways to fuse multi-source alarm information for the network attack situation: attribute similarity clustering, weighted D-S evidence theory source data fusion, and vulnerability information association analysis. The method considers the alarm information from a number of devices together, and filters and fuses the alarms. It can reduce the number of alarms and make the final warning results better reflect the attack situation in the network.