Research On Network Security Situational Awareness Based On Bayesian Method

In recent years, the network security problem is particularly prominent because of the freedom and openness of the network. Moreover, The frequent occurrence of network security threaten the user’s privacy information and property safety. Thus network security situational awareness technology research is of great importance to our society and also have been made great achievements recently. However, most of the current methods have great limitations, such as a single source of information, the range of perception limitations, the applicability of the method is poor and so on. Therefore, a new method is studied in this thesis mainly for network security situational awareness based on bayesian,which includes:First of all, proposed the establishment of a network security situational awareness model based on Bayesian method. The existing NSSA model is refined by taking into full account the various factors that influence the network security. What’s more, combining with the relationship between the components of network system structure, a network security situation assessment model with four different levels is build. Because of the uncertainty of network security situation, we utilize Bayesian method and build Bayesian network structure based on scoring search method, then correction network topology structure through the Bayesian scoring function.Secondly, proposed a kind of situation factor quantification method based on improved CAIM algorithm. We establish a proper network security situational awareness evaluation system based on the model. In order to meet the demand of different level of situational awareness and facilitate the decision makers to know the status of network security, we make quantitative analysis of each level of the factor. In the data preprocessing, we utilize an improved CAIM algorithm to discretize continuous random variable so as to determine the quantization level situational factor value. We take effect the quantitative classification method to determine values as the weight between different situation factors, which to some extent avoid the inaccuracy of subjective selection.Finally, according to the hierarchical structure, we make the data fusion based on Bayesian inference layer by layer to get the security situation of different levels, which can provide support for top management.Finally, it is the experiment. Using DARPA1999 intrusion detection data set and VAST Challenge 2012 data set, the network security situational awareness of the proposed model and algorithm are verified. Numerical results show that the proposed method is effective.