CN116366277A - Network security situation assessment method for information fusion - Google Patents
Network security situation assessment method for information fusion Download PDFInfo
- Publication number
- CN116366277A CN116366277A CN202211565221.4A CN202211565221A CN116366277A CN 116366277 A CN116366277 A CN 116366277A CN 202211565221 A CN202211565221 A CN 202211565221A CN 116366277 A CN116366277 A CN 116366277A
- Authority
- CN
- China
- Prior art keywords
- data
- information
- network
- security
- network security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000004927 fusion Effects 0.000 title claims abstract description 42
- 238000000034 method Methods 0.000 title claims abstract description 36
- 238000004458 analytical method Methods 0.000 claims abstract description 42
- 231100000279 safety data Toxicity 0.000 claims abstract description 23
- 238000011156 evaluation Methods 0.000 claims abstract description 17
- 238000007781 pre-processing Methods 0.000 claims abstract description 16
- 238000011002 quantification Methods 0.000 claims abstract description 4
- 238000004422 calculation algorithm Methods 0.000 claims description 26
- 238000000605 extraction Methods 0.000 claims description 9
- 230000001364 causal effect Effects 0.000 claims description 8
- 238000012545 processing Methods 0.000 claims description 7
- 238000005259 measurement Methods 0.000 claims description 6
- 238000004364 calculation method Methods 0.000 claims description 5
- 238000012098 association analyses Methods 0.000 claims description 3
- 238000007499 fusion processing Methods 0.000 claims description 3
- 230000010354 integration Effects 0.000 claims description 3
- 238000005065 mining Methods 0.000 claims description 3
- 238000010606 normalization Methods 0.000 claims description 3
- 230000009467 reduction Effects 0.000 claims description 3
- 230000009466 transformation Effects 0.000 claims description 3
- 238000005516 engineering process Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 238000011158 quantitative evaluation Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000001228 spectrum Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
- H04L41/065—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis involving logical or physical relationship, e.g. grouping and hierarchies
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S10/00—Systems supporting electrical power generation, transmission or distribution
- Y04S10/50—Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses an information fusion network security situation assessment method which can correlate, synthesize and analyze the collected security data so as to obtain relevant parameters of problem data and relevant data of the problem data. The method comprises the following steps: firstly, establishing a network security situation assessment model; secondly, collecting network security state information; thirdly, preprocessing the safety data; thirdly, the information fusion analysis module performs information fusion analysis on the acquired safety data; thirdly, the network security situation analysis module fuses the problem data and the security information, and network security evaluation data at the moment is obtained through quantification; and finally, if the network threat index is lower than a certain threshold value, starting an alarm mode, and positioning and displaying the address where the fault data are located.
Description
Technical Field
The invention relates to the field of network information security, in particular to a network security situation assessment method for information fusion.
Background
Along with the development of science and technology, the network takes root for many years in people's life, the network changes people's life style, makes something become simple on the network, it is connected the world like a net, but the link of net is not just one, the circulation of information also appears unprecedented in the network, although there is the method of writing encryption information to enable the transmission in-process to have certain privacy, nevertheless some hackers can maliciously intercept information, even maliciously visit the website, make the website crash, so can make the evaluation to the security degree of network operation environment and be the problem that needs to be solved urgently. In the network security situation assessment technology, threat assessment by information fusion is a key technology in the field of network information security.
In recent years, the network security situation assessment technology is also endless, patent CN201811291094.7 mentions that index information is collected through nodes and links in a network, and calculates the node and link situations according to the loss rate of node data and the delay time, the blocking rate and the loss rate of link transmission data, so as to measure the network security situation. However, the node situation is often too general, and then a certain time is needed for accurately calculating and analyzing the specific threatened location and reason, so that how to evaluate the network security situation with high quality is the problem to be solved by the invention.
Disclosure of Invention
Aiming at the problems, the invention discloses a network security situation assessment method for information fusion, which can correlate, synthesize and analyze the collected security data to obtain relevant parameters and relevant data of problem data.
In order to achieve the technical effects, the invention adopts the following technical scheme:
the network security situation assessment method of information fusion comprises the following assessment steps:
s1: establishing a network security situation assessment model, wherein the model is used for analyzing the working state of a server, analyzing the source of problem information and carrying out alarm processing on the problem information;
s2: the server information extraction module collects network security state information, wherein the information collection is continuous collection, and new network security data and server security data are continuously collected;
s3: preprocessing the collected safety data to realize integration, transformation and reduction of multi-source safety data;
s4: the information fusion analysis module performs fusion analysis on the acquired safety data information, the time sequence logic model performs safety problem cause searching on the safety data information, and the association analysis module performs description analysis on the causal relationship of the safety problem through a causal association algorithm according to the searched problem cause; the data correlation module performs multi-level distributed mining processing on the safety data information, and determines the state and identity relationship between the safety data information; the evaluation comprehensive module predicts the problem characteristics of the network safety information and the data information of the related problems through a likelihood-fuzzy algorithm;
s5: the network security situation analysis module fuses the problem data and the security information, and network security evaluation data at the moment is obtained through quantification;
s6: and if the network threat index is lower than a certain threshold value, the problem pre-alarm module starts an alarm mode and displays the problem data address in a positioning way.
As a further aspect of the present invention, the security assessment data exhibits a network threat index, problem data information, and data information associated with the problem data.
As a further scheme of the invention, the safety data preprocessing realizes the calibration and normalization of data through different layers of algorithms and is used for carrying out primary fusion processing on the standardized data.
As a further scheme of the invention, situation analysis processes and computes basic layer data among servers, networks and users through a fusion-evaluation algorithm, so that evaluation of upper network security situations is realized.
As a further scheme of the invention, the network security situation assessment model comprises a server information extraction module, a data preprocessing module, an information fusion analysis module, a network security situation analysis module and a problem pre-alarm module; the server information extraction module is connected with the data preprocessing module, the data preprocessing module is connected with the information fusion analysis module, the information fusion analysis module is connected with the network security situation analysis module, and the network security situation analysis module is connected with the problem pre-alarm module.
As a further scheme of the invention, the problem alarm module comprises a red marking unit, a data position tracking unit, a data comparison unit and a priority control unit, and is written by adopting network system codes.
As a further scheme of the invention, the security situation assessment in the network is realized by adopting a clustering PageRank algorithm, and the step of evaluating the security situation of the network by the clustering PageRank algorithm is as follows:
s71: establishing a network information sample mean value set
Randomly extracting network information data as a sample set, and defining the sample set as X= { X 1 ,x 2 ,x 3 ...x n Defining the central data set of each type of data in the random sample set as v= (V) 1 ,v 2 ,v 3 ...v k ),u c Defined as sample data x n Belonging to central data v k The probability value of the network information data fuzzy clustering is as follows:
in the formula (1), m represents a fuzzy dividing parameter,
data x representing similar network information sample data under fuzzy dividing parameter m i Belonging to central data v k Probability value d of (d) ik Sample data x representing homogeneous network information i To central data v k Where n represents the number of samples, k represents the number of center data, i represents the i-th subset of the set of samples, where i e [1, n]Y represents the y-th subset of the central dataset, where y ε [1, k ]]G (u, v) represents the objective function with probability values and center data as cardinalities;
s72: updating Euclidean distance between center data and sample data for each class of data
The relation between Euclidean distance and probability value of each type of data is shown as formula (2):
in the formula (2), u ik Representing data x i Belonging to central data v k Is used to determine the probability value of (1),
representing sample data x at the time of blurring the parameter center value i To central data v k Euclidean distance of probability values of (a); the Euclidean distance probability value between the center data and the sample data of each type of data is updated continuously, so that the objective function can continuously reduce the search range of the network information, and the optimal division is carried out on each type of network information;
s73: information security measurement is carried out on each type of optimized network information
The clustering PageRank algorithm carries out measurement and evaluation on the security of network information, and the calculation formula is as follows:
in the formula (3), a represents a security parameter, b represents a threat parameter, and N a K for all network information sets with security parameters a b P (a) represents a network security index and P (b) represents a network threat index for all network information sets with threat parameters b; the larger the network security index is, the higher the network information security situation of the corresponding category is, otherwise, the network information risk degree of the corresponding category is deepened, and the network information security situation must be processed in time.
The beneficial effects of the invention are as follows:
different from the conventional technology, the invention analyzes the network security threat situation through the information fusion people technology and calculates the quantitative evaluation of the network security threat situation. The information fusion analysis module analyzes problem data in the safety data through a causal association algorithm and a likelihood-fuzzy algorithm, and digs out other data related to the problem data, and the network security situation analysis module displays a network threat index, problem data information and data information related to the problem data through calculation and analysis of the problem data. The invention evaluates the network security threat situation with high quality and visually displays the address of the problem data.
Drawings
For a clearer description of embodiments of the invention or of solutions in the prior art, the drawings that are necessary for the description of the embodiments or of the prior art will be briefly described, it being apparent that the drawings in the description below are only some embodiments of the invention, from which, without inventive faculty, other drawings can be obtained for a person skilled in the art, in which:
FIG. 1 shows a step diagram of a network security situation assessment method for information fusion;
FIG. 2 illustrates a network security posture analysis diagram of the present invention;
FIG. 3 illustrates a graph of input network signal frequency values in accordance with the present invention;
FIG. 4 is a diagram showing the signal characteristics of a detection problem of a conventional network situation assessment method of the present invention;
fig. 5 shows a characteristic diagram of a problem signal detected by the information fusion network situation assessment method of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described below with reference to the accompanying drawings, it being understood that the embodiments described herein are for illustration and explanation of the present invention only, and are not intended to limit the present invention;
in a specific embodiment, as shown in fig. 1 to 5, a network security situation assessment method for information fusion adopts the following steps:
s1: establishing a network security situation assessment model, wherein the model is used for analyzing the working state of a server, analyzing the source of problem information and carrying out alarm processing on the problem information;
s2: the server information extraction module collects network security state information, wherein the information collection is continuous collection, and new network security data and server security data are continuously collected;
s3: preprocessing the collected safety data to realize integration, transformation and reduction of multi-source safety data;
s4: the information fusion analysis module performs fusion analysis on the acquired safety data information, the time sequence logic model performs safety problem cause searching on the safety data information, and the association analysis module performs description analysis on the causal relationship of the safety problem through a causal association algorithm according to the searched problem cause; the data correlation module performs multi-level distributed mining processing on the safety data information, and determines the state and identity relationship between the safety data information; the evaluation comprehensive module predicts the problem characteristics of the network safety information and the data information of the related problems through a likelihood-fuzzy algorithm;
s5: the network security situation analysis module fuses the problem data and the security information, and network security evaluation data at the moment is obtained through quantification; in the invention, the analysis of the network threat data is divided into two steps, wherein the first step is to classify the problem data according to the problem characteristics and calculate various problem threat indexes according to the problem data information; and the second step is to aggregate the threat indexes of various problems to obtain a total network threat index.
S6: and if the network threat index is lower than a certain threshold value, the problem pre-alarm module starts an alarm mode and displays the problem data address in a positioning way. In the invention, in order to realize the management and control of the network threat event, the calculated network threat index is graded. Cyber threats can be classified into 5 classes according to cyber threat index calculation: and (3) the alarm module is started when the network threat index is more than or equal to 6.
In particular embodiments, the security assessment data exhibits a network threat index, issue data information, and data information associated with the issue data.
In a specific embodiment, the secure data preprocessing realizes data calibration and normalization through different layers of algorithms and is used for performing primary fusion processing on the standardized data.
In a specific embodiment, situation analysis processes and computes base layer data between a server and a network and between users through a fusion-evaluation algorithm, so that evaluation of security situations of an upper network is realized.
In a specific embodiment, the network security situation assessment model comprises a server information extraction module, a data preprocessing module, an information fusion analysis module, a network security situation analysis module and a problem pre-alarm module; the server information extraction module is connected with the data preprocessing module, the data preprocessing module is connected with the information fusion analysis module, the information fusion analysis module is connected with the network security situation analysis module, and the network security situation analysis module is connected with the problem pre-alarm module.
In a specific embodiment, as a further scheme of the invention, the problem alarm module comprises a red marking unit, a data position tracking unit, a data comparison unit and a priority control unit, and is written by adopting network system codes. In the invention, the red marking unit is used for displaying and marking problem data and warning staff that the problem occurs and that the network security is threatened; the data position tracking unit is used for tracking the specific position of the problem data in the network and also tracking the network position of the data related to the problem data; the data comparison unit searches and compares whether the network security situation assessment data is at a security level or not through the network security situation table; the priority control unit is used for locking the area of the network which is subject to the power, and the processing warning in the network is the maximum priority and can not process other information; .
In a specific embodiment, the information fusion network situation assessment technology of the information fusion network security situation assessment method is analyzed and verified.
In a specific embodiment, the security situation assessment in the network is realized by adopting a clustering PageRank algorithm, and the step of evaluating the security situation of the network by the clustering PageRank algorithm is as follows:
s71: establishing a network information sample mean value set
Randomly extracting network information data as a sample set, and determiningThe sense sample set is x= { X 1 ,x 2 ,x 3 ...x n Defining the central data set of each type of data in the random sample set as v= (V) 1 ,v 2 ,v 3 ...v k ),u c Defined as sample data x n Belonging to central data v k The probability value of the network information data fuzzy clustering is as follows:
in the formula (1), m represents a fuzzy dividing parameter,
data x representing similar network information sample data under fuzzy dividing parameter m i Belonging to central data v k Probability value d of (d) ik Sample data x representing homogeneous network information i To central data v k Where n represents the number of samples, k represents the number of center data, i represents the i-th subset of the set of samples, where i e [1, n]Y represents the y-th subset of the central dataset, where y ε [1, k ]]The method comprises the steps of carrying out a first treatment on the surface of the G (u, v) represents an objective function, the probability value and the central data are used as the base numbers, the objective function of the fuzzy clustering of the network information data is the objective function of each type of network information data, and the optimization result of each type of network information is obtained through optimizing the network information data of each type.
S72: updating Euclidean distance between center data and sample data for each class of data
The relation between Euclidean distance and probability value of each type of data is shown as formula (2):
in the formula (2), u ik Representing data x i Belonging to central data v k Is used to determine the probability value of (1),
representing sample data x at the time of blurring the parameter center value i To central data v k Euclidean distance of probability values of (a); the Euclidean distance probability value between the center data and the sample data of each type of data is updated continuously, so that the objective function can continuously reduce the search range of the network information, and the optimal division is carried out on each type of network information;
s73: information security measurement is carried out on each type of optimized network information
The clustering PageRank algorithm carries out measurement and evaluation on the security of network information, and the calculation formula is as follows:
in the formula (3), a represents a security parameter, b represents a threat parameter, and N a K for all network information sets with security parameters a b P (a) represents a network security index and P (b) represents a network threat index for all network information sets with threat parameters b; the larger the network security index is, the higher the network information security situation of the corresponding category is, otherwise, the network information risk degree of the corresponding category is deepened, and the network information security situation must be processed in time. The invention calculates the safety index of the optimized network information by clustering PageRank algorithm, wherein P (a) E [1,10 ]]Only when the security index P (a) is 8 or more, the calculated network information is the security information, and can be stably invoked.
The experimental environment is as follows: tensorflow artificial intelligence framework, jupyter Notebook programming environment, simulink simulation software.
In order to accurately embody the accuracy of network situation assessment by information fusion, the traditional network situation assessment method is used for comparison in the experiment, the two methods carry out network situation assessment on the collected network signals, and the input network signal frequency spectrum is shown in figure 3.
The situation assessment of the input network signal by the traditional network situation assessment method is shown in fig. 4, and the situation assessment of the input network signal by the information fusion network situation assessment method is shown in fig. 5.
Fig. 4 and 5 show time-frequency characteristics of two methods for detecting problem data in a network signal during a certain period of time. Therefore, the network problem signal characteristics can be clearly detected by adopting the information fusion network situation assessment method. The traditional network situation assessment method adopts a problem signal envelope amplitude detection method, which is easy to cause boundary errors, so that the detected problem signal time-frequency characteristics are dispersed. The information fusion network situation assessment method adopted by the invention is that the causal association algorithm and the likelihood-fuzzy algorithm used by the problem information characteristic analysis processing method have certain information specificity, cannot cause excessive errors, and is clearer in description of problem data and convenient for research and understanding.
While specific embodiments of the present invention have been described above, it will be understood by those skilled in the art that the foregoing detailed description is given by way of example only, and that various omissions, substitutions and changes in the form of the details of the method and system illustrated may be made by those skilled in the art without departing from the spirit and scope of the invention; for example, it is within the scope of the present invention to combine the above-described method steps to perform substantially the same function in substantially the same way to achieve substantially the same result; accordingly, the scope of the invention is limited only by the following claims.
Claims (7)
1. A network security situation assessment method for information fusion is characterized in that:
s1: establishing a network security situation assessment model, wherein the model is used for analyzing the working state of a server, analyzing the source of problem information and carrying out alarm processing on the problem information;
s2: the server information extraction module collects network security state information, wherein the information collection is continuous collection, and new network security data and server security data are continuously collected;
s3: preprocessing the collected safety data to realize integration, transformation and reduction of multi-source safety data;
s4: the information fusion analysis module performs fusion analysis on the acquired safety data information, the time sequence logic model performs safety problem cause searching on the safety data information, and the association analysis module performs description analysis on the causal relationship of the safety problem through a causal association algorithm according to the searched problem cause; the data correlation module performs multi-level distributed mining processing on the safety data information, and determines the state and identity relationship between the safety data information; the evaluation comprehensive module predicts the problem characteristics of the network safety information and the data information of the related problems through a likelihood-fuzzy algorithm;
s5: the network security situation analysis module fuses the problem data and the security information, and network security evaluation data at the moment is obtained through quantification;
s6: and if the network threat index is lower than a certain threshold value, the problem pre-alarm module starts an alarm mode and displays the problem data address in a positioning way.
2. The network security posture assessment method for information fusion according to claim 1, wherein: the security assessment data exhibits a network threat index, issue data information, and data information associated with the issue data.
3. The network security posture assessment method for information fusion according to claim 1, wherein: the safety data preprocessing realizes the calibration and normalization of data through different layers of algorithms and is used for carrying out primary fusion processing on the standardized data.
4. The network security posture assessment method for information fusion according to claim 1, wherein: and the situation analysis processes and computes basic layer data among the server, the network and the users through a fusion-evaluation algorithm, so that the evaluation of the security situation of the upper network is realized.
5. The network security posture assessment method for information fusion according to claim 1, wherein: the network security situation assessment model comprises a server information extraction module, a data preprocessing module, an information fusion analysis module, a network security situation analysis module and a problem pre-alarm module; the server information extraction module is connected with the data preprocessing module, the data preprocessing module is connected with the information fusion analysis module, the information fusion analysis module is connected with the network security situation analysis module, and the network security situation analysis module is connected with the problem pre-alarm module.
6. The network security posture assessment method for information fusion according to claim 1, wherein: the problem alarm module comprises a red marking unit, a data position tracking unit, a data comparison unit and a priority control unit, and is written by adopting a network system code.
7. The network security posture assessment method for information fusion according to claim 1, wherein: the security situation assessment in the network is realized by adopting a clustering PageRank algorithm, and the step of evaluating the security situation of the network by the clustering PageRank algorithm is as follows: s71: establishing a network information sample mean value set
Randomly extracting network information data as a sample set, and defining the sample set as X= { X 1 ,x 2 ,x 3 ...x n Defining the central data set of each type of data in the random sample set as v= (V) 1 ,v 2 ,v 3 ...v k ),u c Defined as sample data x n Belonging to central data v k The probability value of the network information data fuzzy clustering is as follows:
in the formula (1), m represents a fuzzy dividing parameter,
data x representing similar network information sample data under fuzzy dividing parameter m i Belonging to central data v k Probability of (2)Value d ik Sample data x representing homogeneous network information i To central data v k Where n represents the number of samples, k represents the number of center data, i represents the i-th subset of the set of samples, where i e [1, n]Y represents the y-th subset of the central dataset, where y ε [1, k ]]G (u, v) represents the objective function with probability values and center data as cardinalities;
s72: updating Euclidean distance between center data and sample data for each class of data
The relation between Euclidean distance and probability value of each type of data is shown as formula (2):
in the formula (2), u ik Representing data x i Belonging to central data v k Is used to determine the probability value of (1),
representing sample data x at the time of blurring the parameter center value i To central data v k Euclidean distance of probability values of (a); the Euclidean distance probability value between the center data and the sample data of each type of data is updated continuously, so that the objective function can continuously reduce the search range of the network information, and the optimal division is carried out on each type of network information;
s73: information security measurement is carried out on each type of optimized network information
The clustering PageRank algorithm carries out measurement and evaluation on the security of network information, and the calculation formula is as follows:
in the formula (3), a represents a security parameter, b represents a threat parameter, and N a K for all network information sets with security parameters a b P (a) represents the network for all sets of network information with threatening parameters bA security indicator, P (b) representing a network threat indicator; the larger the network security index is, the higher the network information security situation of the corresponding category is, otherwise, the network information risk degree of the corresponding category is deepened, and the network information security situation must be processed in time.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211565221.4A CN116366277A (en) | 2022-12-07 | 2022-12-07 | Network security situation assessment method for information fusion |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211565221.4A CN116366277A (en) | 2022-12-07 | 2022-12-07 | Network security situation assessment method for information fusion |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116366277A true CN116366277A (en) | 2023-06-30 |
Family
ID=86939473
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211565221.4A Pending CN116366277A (en) | 2022-12-07 | 2022-12-07 | Network security situation assessment method for information fusion |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116366277A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116756225A (en) * | 2023-08-14 | 2023-09-15 | 南京展研信息技术有限公司 | Situation data information processing method based on computer network security |
-
2022
- 2022-12-07 CN CN202211565221.4A patent/CN116366277A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116756225A (en) * | 2023-08-14 | 2023-09-15 | 南京展研信息技术有限公司 | Situation data information processing method based on computer network security |
| CN116756225B (en) * | 2023-08-14 | 2023-11-07 | 南京展研信息技术有限公司 | Situation data information processing method based on computer network security |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Wang et al. | Heterogeneous network representation learning approach for ethereum identity identification | |
| Saxena et al. | Intrusion detection in KDD99 dataset using SVM-PSO and feature reduction with information gain | |
| CN101582813B (en) | Distributed migration network learning-based intrusion detection system and method thereof | |
| CN117473571B (en) | Data information security processing method and system | |
| Tabash et al. | Intrusion detection model using naive bayes and deep learning technique. | |
| Suthaharan et al. | Relevance feature selection with data cleaning for intrusion detection system | |
| CN106792883A (en) | Sensor network abnormal deviation data examination method and system | |
| CN116366376B (en) | APT attack traceability graph analysis method | |
| CN117094184B (en) | Modeling method, system and medium of risk prediction model based on intranet platform | |
| Muslihi et al. | Detecting SQL injection on web application using deep learning techniques: a systematic literature review | |
| CN116366277A (en) | Network security situation assessment method for information fusion | |
| Maidamwar et al. | A survey on machine learning approaches for developing intrusion detection system | |
| Carmichael et al. | Unfooling perturbation-based post hoc explainers | |
| Kavitha et al. | Emerging intuitionistic fuzzy classifiers for intrusion detection system | |
| Ravipati et al. | A survey on different machine learning algorithms and weak classifiers based on KDD and NSL-KDD datasets | |
| Hemanand et al. | Cyber security system based on machine learning using logistic decision support vector | |
| Kumar | A Big Data Analytical Framework for Intrusion Detection Based On Novel Elephant Herding Optimized Finite Dirichlet Mixture Models | |
| Riad et al. | Visualize network anomaly detection by using k-means clustering algorithm | |
| CN117014193A (en) | Unknown Web attack detection method based on behavior baseline | |
| CN116346475A (en) | Hidden high-risk behavior operation anomaly scoring method and system | |
| Prerau et al. | Unsupervised anomaly detection using an optimized K-nearest neighbors algorithm | |
| Mishra et al. | Crime Prediction Using Fuzzy c-means Algorithm | |
| Saed et al. | Implementation with performance evaluation of decision tree classifier for uncertain data: Literature review | |
| Albahar et al. | THE USE OF FRACTAL DIMENSION (FD) ANALYSIS IN DETECTION OF ANOMALIES, SABOTAGES, AND MALICIOUS ACTS IN A CYBER-PHYSICAL SYSTEM USING HIGUCHI'S ALGORITHM. | |
| Kumari et al. | Prediction of Data Breaches using Classification Algorithms |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication |