网络安全态势感知模型的研究进展

doi:10.16180/j.cnki.issn1007-7820.2024.06.013

Abstract

Abstract:

In response to the increasing number and forms of network attacks, different types and names of network security situational awareness models have received widespread attention and research from the academic community. In the context of the rapid popularization of information technology, hardware system, software vulnerabilities, and security vulnerabilities in daily application operations have led to an increasing number of ways and means of network attacks. However, a single type of network security monitoring and analysis tool is no longer suitable for the current development of network technology. By reviewing the research history and current status of network security situational awareness technology, this article summarizes and analyzes the theoretical development and engineering applications of situational awareness models, and discusses the shortcomings and deficiencies in relevant technical solutions. It also looks forward to the future research directions of network security situational awareness models.

Key words: network security, information security, situation awareness, malicious software, firewall, intrusion detection, flow analysis, log audit

CLC Number:

TP393.08

FANG Xiang. Research Progress in Network Security Situation Awareness Models[J].Electronic Science and Technology, 2024, 37(6): 98-102.

References 41

[1]	Kaspersky L. Global IT security risks survey[EB/OL].(2011-11-16)[2023-05-12]https://www.kaspersky.com.
[2]	Bass T. Multisensor data fusion for next generation distributed intrusion detection systems[C]. Boston: IRIS National Symposium on Sensor and Data Fusion,CiteSeer,1999:23-59.
[3]	Bass T. Intrusion detection systems and multisensor data fusion:Creating cyberspace situational awareness[J]. Communications of the ACM, 1999, 43(4):99-105.
[4]	O'Kane P, Sezer S, Mclaughlin K. Obfuscation:The hidden malware[J]. IEEE Security and Privacy, 2011, 9(5):41-47.
[5]	Bearavolu R, Lakkaraju K, Yurcik W, et al. A visualization tool for situational awareness of tactical and strategic security events on large and complex computer networks[C]. Philadelphia: Military Communications Conference,IEEE,2003:497-508.
[6]	Mica R E. Design and evaluation for situation awareness enhancement[J]. Proceedings of the Human Factors Society Annual Meeting, 1988, 32(2):97-101.
[7]	Onwubiko C. Functional requirements of situational awareness in computer network security[C]. Arlington: IEEE International Conference on Intelligence and Security Informatics,2009:556-570.
[8]	D'Amico A, Kocka M. Information assurance visualizations for specific stages of situational awareness and intended uses:lessons learned[C]. Santa Ana: IEEE Workshop on Visualization for Computer Security,2005:298-305.
[9]	Bass T. Cyberspace situational awareness demands mimic traditional command requirements[J]. Signal-Falls Church Virginia Then Fairfax, 2000, 54(6):83-84.
[10]	Endsley M R. Toward a theory of situation awareness in dynamic systems[J]. Human Factors, 1995, 37(1):32-64.
[11]	Mcguinness B, Foy L. Subjective measure of SA:The crew awareness rating scale[C]. Wichita: The Human Performance,Situation Awareness an Automation Conference,2000:896-902.
[12]	Lakkaraju K, Yurcik W, Lee A J. NVisionIP:NetFlow visualizations of system state for security situational awareness[C]. Colorado Springs: Workshop on Visualization and Data Mining for Computer Security,2004:59-68.
[13]	Yin X, Yurcik W, Li Y, et al. VisFlowConnect:Providing security situational awareness by visualizing network traffic flows[C]. Honolulu: IEEE International Conference on Performance,Computing,and Communications,2004:87-94.
[14]	Yin X, Yurcik W B, Treaster M, et al. VisFlowConnect:Netflow visualizations of link relationships for security situational awareness[C]. Guangzhou: ACM Workshop on Visualization and Data Mining for Computer Security,2004:3511-3521.
[15]	Yin X, Yurcik W, Slagell A J. The design of VisFlowConnect-IP:A link analysis system for IP security situational awareness[C]. Honolulu: IEEE International Workshop on Information Assurance,2005:89-96.
[16]	Lai J, Wang H, Liang Z. Study of network security situation awareness model based on simple additive weight and grey theory[C]. Beijing: International Conference on Computational Intelligence and Security,IEEE,2006:106-118.
[17]	Wei H, Li J, Shi J. A Novel approach to cyberspace security situation based on the vulnerabilities analysis[C]. Xi'an: World Congress on Intelligent Control and Automation,IEEE,2006:1623-1630.
[18]	Liu X, Wang H, Lai J, et al. Network security situation awareness model based on heterogeneous multi-sensor data fusion[C]. Wuhan: International Symposium on Computer and Information Sciences,IEEE,2007:597-608.
[19]	Liu X, Wang H, Lai J, et al. Multiclass support vector machines theory and its data fusion application in network security situation awareness[C]. Honolulu: International Conference on Wireless Communications,Networking and Mobile Computing,IEEE,2007:339-348.
[20]	Liu X, Yu J, Wang M L. Network security situation generation and evaluation based on heterogeneous sensor fusion[C]. Hangzhou: International Conference on Wireless Communications,Networking and Mobile Computing,IEEE,2009:668-675.
[21]	Zhang Y, Tan X, Xi H. A novel approach to network security situation awareness based on multi-perspective analysis[C]. Nanjing: International Conference on Computational Intelligence and Security,IEEE,2007:356-360.
[22]	Wang J, Zhang F L, Jing J, et al. Alert analysis and threat evaluation in network situation awareness[C]. Lanzhou: International Conference on Communications,Circuits and Systems,IEEE,2010:621-628.
[23]	Li Z, Goyal A, Yan C, et al. Towards situational awareness of large-scale botnet probing events[J]. IEEE Transactions on Information Forensics and Security, 2011, 6(1):175-188.
[24]	Preden J, Motus L, Meriste M, et al. Situation awareness for networked systems[C]. Omaha: IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support,2011:502-509.
[25]	Zhang H, Shi J, Chen X. A multi-level analysis framework in network security situation awareness[J]. Procedia Computer Science, 2013, 17(5):530-536.
[26]	Li F, Zhang X, Zhu J, et al. A improved network security situation awareness model[J]. Security and Safety, 2015, 2(5):85-89.
[27]	Singh M, Bhandari P. Building a framework for network security situation awareness[C]. Argentina: International Conference on Computing for Sustainable Global Development,IEEE,2016:1256-1263.
[28]	Xu G, Cao Y, Ren Y, et al. Network security situation awareness based on semantic ontology and user-defined rules for Internet of Things[J]. IEEE Access, 2017, 8(1):1-10.
[29]	Liu D L, Dong L I, Lei M A, et al. Research on electric power information systems network security situation awareness based on big data technology[C]. Changsha: The Third Annual International Conference on Electronics,Electrical Engineering and Information Science,2017:785-792.
[30]	Dongmei Z, Jinxing L. Study on network security situation awareness based on particle swarm optimization algorithm[J]. Computers and Industrial Engineering, 2018, 125(2):764-775.
[31]	Yue G, Zhang S. A network security situation awareness method based on multi-source information fusion[C]. Guangzhou: The Second International Forum on Management,Education and Information Technology Application,2018:985-996.
[32]	Chen D, Fu R, Song S, et al. Network security situation awareness of power dispatching automation system based on LDA-RBF[C]. Sanya: The Fifth IEEE International Conference on Cloud Computing and Intelligence Systems,2018:622-628.
[33]	Zhang H, Yi Y, Wang J, et al. Network security situation awareness framework based on threat intelligence[J]. Computers,Materials and Continua, 2018, 56(3):381-399.
[34]	Zhu B, Chen Y, Cai Y. Three kinds of network security situation awareness model based on big data[J]. International Journal of Network Security, 2019, 21(1):115-121.
[35]	Xiao J, Zhang B, Luo F. Distribution network security situation awareness method based on security distance[J]. IEEE Access, 2019, 10(3):37855-37864.
[36]	Zhang D, Qian K, Wang W, et al. Network security situation awareness technology based on multi-source heterogeneous data[C]. Nanjing: International Conference on Cyberspace Innovation of Advanced Technologies,2020:721-730.
[37]	Cao Y, Li X, Zhang S, et al. Design of network security situation awareness analysis module for electric power dispatching and control system[C]. Xi'an: The Second International Conference on Information Technology and Computer Application,2020:3019-3025.
[38]	Liu D. Prediction of network security based on DS evidence theory[J]. ETRI Journal, 2020, 42(5):799-804.
[39]	Zhao Z, Peng Y, Huang J, et al. An evaluation method of network security situation using data fusion theory[J]. International Journal of Performability Engineering, 2020, 16(7):1046-1057.
[40]	Wang X, Han Z, Yu R. Security situation prediction method of industrial control network based on ant colony-RBF neural network[C]. Qinhuangdao: International Conference on Big Data,Artificial Intelligence and Internet of Things Engineering,IEEE,2021:623-629.
[41]	Ding C, Chen Y, Algarni A M, et al. Application of fractal neural network in network security situation awareness[J]. Interdisciplinary Journal on the Complex Geometry of Nature, 2022, 30(2):1-13.

Research Progress in Network Security Situation Awareness Models

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

References 41

Related Articles 15

Metrics

Comments

Recommended 0

[1]	LIU Wei,ZENG Xiangyi,XIAO Hao. Design of SoC Secure Memory Based on Lightweight Block Cipher [J]. Electronic Science and Technology, 2023, 36(9): 15-20.
[2]	CHENG Biqian,LIU Guangzhu,XIAO Hao. Improved Montgomery Modular Multiplication Algorithm and FPGA Implementation [J]. Electronic Science and Technology, 2022, 35(7): 58-63.
[3]	FANG Kai,SHI Zhicai,JIA Yuanyuan. K-Anonymity Data Publishing Algorithm Based on Hybrid Clustering [J]. Electronic Science and Technology, 2022, 35(12): 78-83.
[4]	JIN Xin,FENG Yi,YOU Xuexi,WANG Jiaxin. Research on Information Security Equipment Deployment Guarantee Technology [J]. Electronic Science and Technology, 2020, 33(8): 80-86.
[5]	LI Kang. Network Security Situation Assessment Based on Multimodal Feature Fusion [J]. Electronic Science and Technology, 2020, 33(12): 28-31.
[6]	ZHAO Nengwu,LU Hongmin,XU Tao,HU Kuan,HE Chuanxia,MENG Xiaojiao. Design of Signal Source for Perimeter Intrusion Detection System Based on AD9910 [J]. Electronic Science and Technology, 2020, 33(1): 1-5.
[7]	LIU Chen,MA Sijun,NI Xueli. Attribute-Based Access Control for the Perception Layer of The Internet of Things [J]. Electronic Science and Technology, 2019, 32(9): 55-59.
[8]	XU Tao,ZHANG Yi,ZHAO Nengwu,WANG Yuhao,LI Minyue,LU Hongmin. Design and Implementation of a Receiver for Leaky Cable Intrusion Detection System [J]. Electronic Science and Technology, 2019, 32(12): 6-10.
[9]	LIU Dongwei. Network Information Security Management Technology Based on Intrusion Monitoring [J]. Electronic Science and Technology, 2019, 32(12): 68-71.
[10]	ZHA Hongze. Research on Information Security Evaluation Algorithm Based on Hierarchical Protection [J]. Electronic Science and Technology, 2019, 32(11): 78-82.
[11]	ZHANG Bingbing. Research on Discrete Event System for LAN Attack [J]. , 2017, 30(9): 169-.
[12]	MA Wen, ZHU Zhixiang, WU Chen, WAN Yi. Research on the FP-Growth Algorithm-Based Security Log Analysis System [J]. , 2016, 29(9): 94-.
[13]	LIAO Shan. Design and Development of Computer Room Network Architecture and Security System Based on VPN [J]. , 2016, 29(4): 187-.
[14]	ZHANG Yaoyuan, GUO Shuming, WANG Xiaoyu. Research on MANET Security Based on Intrusion Detection Technology [J]. , 2016, 29(11): 157-.
[15]	XU Zhi. A Spectrum Feature Based Algorithm for Hiding Information in Digital Audio [J]. , 2015, 28(8): 84-.