
Research Article
Threat Detection-Oriented Network Security Situation Assessment Method
@INPROCEEDINGS{10.1007/978-3-030-96791-8_17,
  author={Hongyu Yang and Zixin Zhang and Liang Zhang},
  title={Threat Detection-Oriented Network Security Situation Assessment Method},
  proceedings={Security and Privacy in New Computing Environments. 4th EAI International Conference, SPNCE 2021, Virtual Event, December 10-11, 2021, Proceedings},
  proceedings_a={SPNCE},
  year={2022},
  month={3},
  keywords={Parallel feature extraction, Sparse auto-encoder, Attention mechanism, False alarm reduction matrix, Network security situation assessment},
  doi={10.1007/978-3-030-96791-8_17}
}
- Hongyu Yang
- Zixin Zhang
- Liang Zhang
Year: 2022
SPNCE
Springer
DOI: 10.1007/978-3-030-96791-8_17
Abstract
To analyze the impact of network threats and accurately reflect the security situation of the network, we propose a threat detection-oriented network security situation assessment method. Firstly, a network threat detection model is designed. The model is composed of parallel feature extraction (PFE) with the sparse auto-encoder and an improved bi-directional gated recurrent unit (IBiGRU) with the attention mechanism. The PFE is established to extract the key information of different network threats and fuse the extracted features with the original information. Secondly, the PFE-IBiGRU is used to detect the threats in the network, and the occurrence number of each attack type and the false alarm reduction matrix are counted. Finally, according to the model detection results, combined with the proposed network security situation quantification method, the network security situation value is calculated. The experimental results show that our method is more accurate for identifying network attacks and can effectively and comprehensively evaluate the overall situation of network security.