Computer Science ›› 2023, Vol. 50 ›› Issue (5): 382-389.doi: 10.11896/jsjkx.220400134

• Information Security • Previous Articles    

Multi-source Fusion Network Security Situation Awareness Model Based on Convolutional Neural Network

CHANG Liwei1,2, LIU Xiujuan1, QIAN Yuhua2, GENG Haijun3, LAI Yuping4   

  1. 1 School of Information,Shanxi University of Finance and Economics,Taiyuan 030006,China
    2 Institute of Big Data Science and Industry,Shanxi University,Taiyuan 030006,China
    3 School of Automation and Software,Shanxi University,Taiyuan 030006,China
    4 School of Cyberspace Security,Beijing University of Posts and Telecommunications,Beijing 100876,China
  • Received:2022-04-13 Revised:2022-07-31 Online:2023-05-15 Published:2023-05-06
  • About author:CHANG Liwei,born in 1986,Ph.D,associate professor,is a member of China Computer Federation.His main research interests include quantum secure communication and network security situation awareness.
  • Supported by:
    Natural Science Foundation of Shanxi Province,China(20210302124290),Planning Subject for the 14th Five Year Plan of Education Sciences of Shanxi Province,China(GH-21600),Key R&D Program(International Science and Technology Cooperation Project) of Shanxi Province,China(201903D421003) and National Natural Science Foundation of China(62002210).

Abstract: For accurately calculating security situation of the whole network,a network security situation awareness model with five core elements is elaborated,which are traffic detection,attribute extraction,decision engine,multi-source fusion and situation assessment.In the traffic detection module,the network traffic detector and the intrusion detection detector are taken as a tool to grab the basic characteristics of traffic and malicious activity characteristics respectively; in the attribute extraction module,with the aim of precisely extracting key attributes,alarm messages,alarm types and connection characteristics,which contribute to describe malicious activities,are the center of attention; in the decision engine module,the key attribute data from attribute extraction is utilized as input,and CNN as an engine is employed to identify various kinds of attacks; in the multi-source fusion module,exponential weighted D-S fusion algorithm is used to effectively integrate the output of each decision engine to improve the identification rate of attack types; in the situation assessment module,in virtue of weight coefficient theory the threat levels are quantified,the hierarchical analysis method is applied to exactly get security situation of the whole network.Experimental results show that,there is a great difference in identifying varieties of attacks for different detectors,the proposed multi-source fusion algorithm can improve the accuracy of attack identification which can reach up to 92.76%,in such accuracy index our results are better than most research achievements,and the improvement of accuracy makes a great impact on accurately calculating and intuitively reflecting security situation of the whole network by means of hierarchical analysis method.

Key words: Network security situation awareness, Attack identification, Convolutional neural network, Multi-source fusion algorithm, Hierarchical analysis method

CLC Number: 

  • TP393
[1]ENSLEY M R.Toward a theory ofsituation awareness in dy-namic systems[J].Human Factors,1995,37(1):32-64.
[2]BASS T.Intrusion detection systems and multisensor data fusion[J].Communications of the ACM,2000,43(4):99-105.
[3]CHEN X Z,ZHENG Q H,GUAN X H,et al.Hierarchical Network Security Threat Situation Quantitative Assessment Me-thod[J].Journal of Software,2006(4):885-897.
[4]GONG Z H,ZHUO Y.Research on network situational aware-ness[J].Journal of Software,2010,21(7):1605-1619.
[5]GAN W D,ZHOU C,SONG B.Network Security Situation Prediction Model Based on RAN-RBF Neural Network[J].Computer Science,2016,43(S2):388-392.
[6]GONG J,ZANG X D,SU Q,et al.Survey of Network Security Situation Awareness[J].Journal of Software,2017,28(4):1010-1026.
[7]ZHAO D,LIU J.Study on network security situation awareness based on particle swarm optimization algorithm[J].Computers &Industrial Engineering,2018,125:764-775.
[8]CHEN W P,AO Z G,GUO J,et al.Security Assessment of Network Space Situation Awareness System Based on improved BP Neural Network[J].Computer Science,2018,45(S2):335-337,341.
[9]LIU X,YU J,LV W,et al.Network securitysituation:Fromawareness to awareness-control[J].Journal of Network and Computer Applications,2019,139:15-30.
[10]LI X,DUAN Y C.Network Security Situation AssessmentMethod Based on Improved Hidden Markov Model[J].Compu-ter Science,2020,47(7):287-291.
[11]QIAN J,LI S Y.Research on network security situation awareness Prediction based on RBF Neural Network[J].Security of Cyberspace,2020,11(5):62-67,73.
[12]CHANG L W,TIAN X X,ZHANG Y Q,et al.Network Security Situation Assessment System Based on Multi-source Heterogeneous Data Fusion[J].Journal of Intelligent Systems,2021,16(1):38-47.
[13]HE C R,ZHU J.Security situation prediction method of GRU neural network based on attention mechanism[J].Systems Engineering and Electronics,2021,43(1):258-266.
[14]ZHANG H,KANG C,XIAO Y.Research on Network Security Situation Awareness Based on the LSTM-DT Model[J].Sensors,2021,21(14):4788.
[15]LI Z,ZHAO D,LI X,et al.Network security situation prediction based on feature separation and dual attention mechanism[J].EURASIP Journal on Wireless Communications and Networking,2021,2021(1):1-19.
[16]CHEN J J.Multi-sensor Management and Information Fusion[D].Xi'an:Northwestern Polytechnical University,2002.
[17]WANG C R,XU R F,LEE S J,et al.Network intrusion detection using equality constrained-optimization-based extreme learning machines[J].Knowledge-Based Systems,2018,147:68-80.
[18]PAPAMARTZIVANOS D,MÁRMOL F G,KAMBOURAKISG.Dendron:Genetic trees driven rule induction for network intrusion detection systems[J].Future Generation Computer Systems,2018,79:558-574.
[19]LV L,WANG W,ZHANG Z,et al.A novel intrusion detection system based on an optimal hybrid kernel extreme learning machine[J].Knowledge-Based Systems,2020,195:105648.
[20]ZHANG H,LI J L,LIU X M,et al.Multi-dimensional featurefusion and stacking ensemble mechanism for network intrusion detection[J].Future Generation Computer Systems,2021,122:130-143.
[21]NAWIR M,AMIR A,YAAKOB N.Multi-classification of UNSW-NB15 Dataset for Network Anomaly Detection System[J].Journal of Theoretical and Applied Information Technology,2018,96(15):5094-5104.
[22]MILLAR K,CHENG A,CHEW H G,et al.Using convolutional neural networks for classifying malicious network traffic[C]//Deep Learning Applications for Cyber Security.Advanced Sciences and Technologies for Security Applications.Cham:Springer,2019:103-126.
[23]MUNA A L H,MOUSTAFA N,SITNIKOVA E.Identification of malicious activities in industrial internet of things based on deep learning models[J].Journal of Information Security and Applications,2018,41:1-11.
[24]ZHANG J,LING Y,FU X,et al.Model of the intrusion detection system based on the integration of spatial-temporal features[J].Computers & Security,2020,89:101681.
[1] LI Han, HOU Shoulu, TONG Qiang, CHEN Tongtong, YANG Qimin, LIU Xiulei. Entity Relation Extraction Method in Weapon Field Based on DCNN and GLU [J]. Computer Science, 2023, 50(6A): 220200112-7.
[2] XIONG Haojie, WEI Yi. Study on Multibeam Sonar Elevation Data Prediction Based on Improved CNN-BP [J]. Computer Science, 2023, 50(6A): 220100161-4.
[3] LUO Huilan, LONG Jun, LIANG Miaomiao. Attentional Feature Fusion Approach for Siamese Network Based Object Tracking [J]. Computer Science, 2023, 50(6A): 220300237-9.
[4] HUANG Yujiao, CHEN Mingkai, ZHENG Yuan, FAN Xinggang, XIAO Jie, LONG Haixia. Text Classification Based on Weakened Graph Convolutional Networks [J]. Computer Science, 2023, 50(6A): 220700039-5.
[5] LUO Ruiqi, YAN Jinlin, HU Xinrong, DING Lei. EEG Emotion Recognition Based on Multiple Directed Weighted Graph and ConvolutionalNeural Network [J]. Computer Science, 2023, 50(6A): 220600128-8.
[6] XU Changqian, WANG Dong, SU Feng, ZHANG Jun, BIAN Haifeng, LI Long. Image Recognition Method of Transmission Line Safety Risk Assessment Based on MultidimensionalData Coupling [J]. Computer Science, 2023, 50(6A): 220500032-6.
[7] WANG Jinwei, ZENG Kehui, ZHANG Jiawei, LUO Xiangyang, MA Bin. GAN-generated Face Detection Based on Space-Frequency Convolutional Neural Network [J]. Computer Science, 2023, 50(6): 216-224.
[8] ZHANG Xue, ZHAO Hui. Sentiment Analysis Based on Multi-event Semantic Enhancement [J]. Computer Science, 2023, 50(5): 238-247.
[9] WANG Lin, MENG Zuqiang, YANG Lina. Chinese Sentiment Analysis Based on CNN-BiLSTM Model of Multi-level and Multi-scale Feature Extraction [J]. Computer Science, 2023, 50(5): 248-254.
[10] YE Han, LI Xin, SUN Haichun. Convolutional Network Entity Missing Detection Method Combined with Gated Mechanism [J]. Computer Science, 2023, 50(5): 262-269.
[11] SHAO Yunfei, SONG You, WANG Baohui. Study on Degree of Node Based Personalized Propagation of Neural Predictions forSocial Networks [J]. Computer Science, 2023, 50(4): 16-21.
[12] CAO Chenyang, YANG Xiaodong, DUAN Pengsong. WiDoor:Close-range Contactless Human Identification Approach [J]. Computer Science, 2023, 50(4): 388-396.
[13] WANG Xiaofei, FAN Xueqiang, LI Zhangwei. Improving RNA Base Interactions Prediction Based on Transfer Learning and Multi-view Feature Fusion [J]. Computer Science, 2023, 50(3): 164-172.
[14] MEI Pengcheng, YANG Jibin, ZHANG Qiang, HUANG Xiang. Sound Event Joint Estimation Method Based on Three-dimension Convolution [J]. Computer Science, 2023, 50(3): 191-198.
[15] ZHOU Le-yuan, ZHANG Jian-hua, YUAN Tian-tian, CHEN Sheng-yong. Sequence-to-Sequence Chinese Continuous Sign Language Recognition and Translation with Multi- layer Attention Mechanism Fusion [J]. Computer Science, 2022, 49(9): 155-161.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!