Research Of Self-decision System In Intelligent Security Defense Software

With the development of information technology and penetration of network applicationinto people's life, network information security becomes a focus. At the same time, the attacktechnology and means are renewing all the time, and the attack frequency is increasing, whichcauses more and more loss for the network users. So, how to protect the network securityeffectively and economically is the very problem needs to be dealt with. However, the existingsecurity defense software has many limitations, such as static structure, simplex function, weakdefense ability, lack of self-adaptation, and so on. It can't satisfy the need of network securitydevelopment. To improve this situation, intelligent security defense software should beresearched and exploited.This paper firstly introduces the framework and the principle of an intelligent securitydefense software (ISDS), and designed the extended ISDS system model. Then, ISDS's keyintelligent module—self-decision system is deeply researched. A hiberarchy self-decision systemis designed, and its realization mechanism is put forward. The detailed work is shown asfollowing:a) In allusion to the use of ISDS in distributed large-scale network, its system model isextended into two parts: Security Management Centre and Security Defense Entity. The extendedsystem model includes the security defense for different levels of network, reduces the systemload of defense nodes (such as terminal computers), and provides the security management forthe whole network.b) Considering the characteristic of ISDS's extended system model, a hiberarchyself-decision system is designed, including bottom decision level, middle decision level and highdecision level. The very system is free for extending and can satisfy the decision needs ofdifferent levels, purposes and granularities.c) The framework, working principle of self-decision system's bottom and middle decisionlevels are designed, together with the work mode of Sense Component, which takes charge ofinformation collection. Since the bottom decision level is simple, the middle decision level islucubrated. And a policy decision-making algorithm based on generalized weighted distance isproposed for the middle level.d) The self-decision system's high decision level is designed in detail. A network securitysituation evaluation model based on four elements is put forward, together with a networksecurity situation prediction algorithm. Furthermore, the decision-making mechanism based onthe level of security situation is introduced. e) An prototype system is realized based on the former research, which validates thefeasibility of the design and realization methods of ISDS self-decision system.