A Novel and Practical Method for Network Security Situation Prediction

Abstract:

Real-time prediction of the network security situation can significantly improve a network's monitoring and emergency response capability. In practice, however, a large number of false predictions desensitises network administrators until they ignore all prediction results. In this paper we address this issue and propose a novel False Positive Adaptive (FPA) method for network security situation prediction. The main idea of our method is to use extra information to reduce the number of false positives in prediction. In the model training step, we take advantage of host and network information to eliminate meaningless alerts produced by security tools such as the Intrusion Detection System (IDS) and the firewall, thus ensuring the accuracy of the training samples. In the prediction step, we use the detection information from the security tools to confirm the prediction results automatically: a previous prediction that is not confirmed by a subsequent detection is treated as a false positive, and the prediction model is retrained by incremental learning. In our work, model training and incremental learning are performed efficiently by a neural network and a boosting algorithm.
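A simplified version of the confirm-and-retrain loop described above, as an added example that is not the paper's code: filter_alerts applies the inventory check of the training step, FPAModel is an online logistic scorer standing in for the neural-network-plus-boosting model, and feedback_round treats a positive prediction that no later detection confirms as a false positive and feeds it back as a negative sample (feeding detections back as positive samples is an assumption here). The asset inventory, alerts and per-window features are constructed.

```python
import math

# Constructed asset inventory (hypothetical): host -> services actually running.
ASSETS = {"10.0.0.5": {"http", "ssh"}, "10.0.0.9": {"smb"}}

def filter_alerts(alerts, assets=ASSETS):
    """Training step: drop alerts aimed at a host/service absent from the
    inventory, so meaningless IDS/firewall output never becomes a sample."""
    return [a for a in alerts if a["service"] in assets.get(a["host"], set())]

class FPAModel:
    """Online logistic scorer; stands in for the paper's neural network + boosting."""
    def __init__(self, n_features, lr=1.0, threshold=0.5):
        self.w, self.b = [0.0] * n_features, 0.0
        self.lr, self.threshold = lr, threshold

    def score(self, x):
        z = self.b + sum(wi * xi for wi, xi in zip(self.w, x))
        return 1.0 / (1.0 + math.exp(-z))

    def predict(self, x):
        return self.score(x) >= self.threshold

    def update(self, x, label):
        """One SGD step on one sample: the incremental-learning stand-in."""
        err = self.score(x) - label
        self.w = [wi - self.lr * err * xi for wi, xi in zip(self.w, x)]
        self.b -= self.lr * err

def feedback_round(model, windows):
    """Prediction step. windows: (features_t, detected_t+1). A positive prediction
    no security tool later confirms is a false positive and is fed back as a
    negative sample; detections are fed back as positives (assumption)."""
    false_positives = 0
    for x, detected in windows:
        if model.predict(x) and not detected:
            false_positives += 1
        model.update(x, 1.0 if detected else 0.0)
    return false_positives

# Constructed windows: [normalised filtered-alert rate, failed-login rate].
WINDOWS = [([0.1, 0.0], False), ([0.9, 0.8], True),
           ([0.2, 0.1], False), ([0.8, 0.9], True)]

def run(rounds=50):
    """Repeat confirm-and-retrain; returns the model and false positives per round."""
    model = FPAModel(n_features=2)
    return model, [feedback_round(model, WINDOWS) for _ in range(rounds)]
```

The untrained model flags every window, so the first round produces two unconfirmed (false positive) predictions; after the feedback rounds the same windows produce none.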

Pages: 907-910

Online since: December 2014

Copyright: © 2015 Trans Tech Publications Ltd. All Rights Reserved
