Research on Alert Records Perception of Network Situation Awareness

J4 ›› 2012, Vol. 34 ›› Issue (7): 39-45.

• 论文 • Previous Articles Next Articles

Research on Alert Records Perception of Network Situation Awareness

WANG Juan 1,PENG Jing2,WANG Can3

(1.School of Network Engineering,Chengdu University of Information Technology,Chengdu 610225;
2.Academic Affairs Office,Chengdu University of Information Technology,Chengdu 610225;
3.School of Computer Science and Engineering,
University of Electronics Science and Technology of China,Chengdu 610054,China)

Received:2011-07-24 Revised:2011-10-09 Online:2012-07-25 Published:2012-07-25

Abstract

Abstract:

The alert perception of network situation awareness is different from that of the traditional intrusion detection area in particle size, scale, target, and so on. It pays more attention to human understanding. Based on the existing similarity based alert analysis method, a "similarity based macro network alert awareness algorithm" is proposed. It gives a new definition of attribute similarity, and uses an "optimal sequence method" to improve attribute weight setting. Finally, a threshold selection scheme is proposed based on human instantaneous understanding. The experimental results show that this method can help network managers get the whole awareness of network situation including the time, range, and type of network abnormality.

Key words: network situation awareness;alert analysis;intrusion detection;similarity

WANG Juan 1,PENG Jing2,WANG Can3. Research on Alert Records Perception of Network Situation Awareness[J]. J4, 2012, 34(7): 39-45.

Research on Alert Records Perception of Network Situation Awareness

PDF

Knowledge

Abstract

Cite this article

share this article

Related Articles 0

Recommended Articles

Metrics

Comments