| Network security situation awareness(NSSA)can significantly enhance the security of large-scale network,which is a hot research field now.This thesis mainly focused on data fusion technologies used in NSSA,and made useful explorations of heterogeneous data’s format standardization and fusion problems by constructing a rational network security situation index system and improving D-S evidence theory.The main work is as follows:1.Constructed a new network security situation index system.This thesis proposed a new hierarchical network security situation index system based on network security risk assessment module against the complex composition and lots of data types of network security situation,and designed the standardized format of network security data which was from different data sources based on XML.2.Proposed a new basic probability assignment construction method.The basic probability assignment must be constructed before synthesizing the network security data.Aimed to the defects of the basic probability assignment methods based on triangular fuzzy numbers,a new method with a adjustment factor was proposed and its validity was proved by using the public data sets.3.Proposed an improved method to D-S evidence theory based on iterative synthesis.To solve the synthesis failure problem of highly conflicting data,the improved method uses a comprehensive discount factor which is made up of the reliability of evidence sources and supports of the evidences,and increases the final synthesis results by using iterative synthesis,it’s also stable and scalable,which can meet different precision and large-scale synthesis requirements.4.Evaluated the effect of the improved algorithm by using simulations.Simulations of host vulnerabilities and DOS attacks data were carried on by using the new basic probability assignment construction method and the improved synthesis method,the results show that the data fusion method based the improved D-S evidence theory is applicable and effective in NSSA. |
PDF Full Text Request