A novel stochastic modeling method for network security situational awareness

Y. Liang; H. Q. Wang; H. B. Cai; Y. J. He

doi:10.1109/ICIEA.2008.4582951

A novel stochastic modeling method for network security situational awareness

Y. Liang^*
, H. Q. Wang
, H. B. Cai
, Y. J. He

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Scopus citations

Abstract

Hidden Markov Model (HMM) is used to model network security situational awareness (NSA). Distribution of abnormal behaviors in networked system and operational states of key network services are abstracted by Markov chains, modeling objects of the HMM's dual stochastic processes are set up, and classic Baum-Welch algorithm is used to estimate the parameters of the established stochastic mathematical model, then the stochastic modeling for network security situational awareness based upon HMM is realized. The simulation experimental results in LAN show that the model can effectively analyze and validate network security situation, and it is a novel attempt in achieving network security situational awareness, which prompts the development of theoretical researches in the field of NSA at a certain degree.

Original language	English
Title of host publication	2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008
Pages	2422-2426
Number of pages	5
DOIs	https://doi.org/10.1109/ICIEA.2008.4582951
State	Published - 2008
Externally published	Yes
Event	2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008 - Singapore, Singapore Duration: 3 Jun 2008 → 5 Jun 2008

Publication series

Name	2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008

Conference

Conference	2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008
Country/Territory	Singapore
City	Singapore
Period	3/06/08 → 5/06/08

Access to Document

10.1109/ICIEA.2008.4582951

Cite this

Liang, Y., Wang, H. Q., Cai, H. B., & He, Y. J. (2008). A novel stochastic modeling method for network security situational awareness. In 2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008 (pp. 2422-2426). Article 4582951 (2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008). https://doi.org/10.1109/ICIEA.2008.4582951

@inproceedings{97d739e946494ea8a68ce49416aaa450,

title = "A novel stochastic modeling method for network security situational awareness",

abstract = "Hidden Markov Model (HMM) is used to model network security situational awareness (NSA). Distribution of abnormal behaviors in networked system and operational states of key network services are abstracted by Markov chains, modeling objects of the HMM's dual stochastic processes are set up, and classic Baum-Welch algorithm is used to estimate the parameters of the established stochastic mathematical model, then the stochastic modeling for network security situational awareness based upon HMM is realized. The simulation experimental results in LAN show that the model can effectively analyze and validate network security situation, and it is a novel attempt in achieving network security situational awareness, which prompts the development of theoretical researches in the field of NSA at a certain degree.",

author = "Y. Liang and Wang, \{H. Q.\} and Cai, \{H. B.\} and He, \{Y. J.\}",

year = "2008",

doi = "10.1109/ICIEA.2008.4582951",

language = "英语",

isbn = "9781424417186",

series = "2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008",

pages = "2422--2426",

booktitle = "2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008",

note = "2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008 ; Conference date: 03-06-2008 Through 05-06-2008",

}

Liang, Y, Wang, HQ, Cai, HB & He, YJ 2008, A novel stochastic modeling method for network security situational awareness. in 2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008., 4582951, 2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008, pp. 2422-2426, 2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008, Singapore, Singapore, 3/06/08. https://doi.org/10.1109/ICIEA.2008.4582951

A novel stochastic modeling method for network security situational awareness. / Liang, Y.; Wang, H. Q.; Cai, H. B. et al.
2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008. 2008. p. 2422-2426 4582951 (2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A novel stochastic modeling method for network security situational awareness

AU - Liang, Y.

AU - Wang, H. Q.

AU - Cai, H. B.

AU - He, Y. J.

PY - 2008

Y1 - 2008

N2 - Hidden Markov Model (HMM) is used to model network security situational awareness (NSA). Distribution of abnormal behaviors in networked system and operational states of key network services are abstracted by Markov chains, modeling objects of the HMM's dual stochastic processes are set up, and classic Baum-Welch algorithm is used to estimate the parameters of the established stochastic mathematical model, then the stochastic modeling for network security situational awareness based upon HMM is realized. The simulation experimental results in LAN show that the model can effectively analyze and validate network security situation, and it is a novel attempt in achieving network security situational awareness, which prompts the development of theoretical researches in the field of NSA at a certain degree.

AB - Hidden Markov Model (HMM) is used to model network security situational awareness (NSA). Distribution of abnormal behaviors in networked system and operational states of key network services are abstracted by Markov chains, modeling objects of the HMM's dual stochastic processes are set up, and classic Baum-Welch algorithm is used to estimate the parameters of the established stochastic mathematical model, then the stochastic modeling for network security situational awareness based upon HMM is realized. The simulation experimental results in LAN show that the model can effectively analyze and validate network security situation, and it is a novel attempt in achieving network security situational awareness, which prompts the development of theoretical researches in the field of NSA at a certain degree.

UR - https://www.scopus.com/pages/publications/51949084082

U2 - 10.1109/ICIEA.2008.4582951

DO - 10.1109/ICIEA.2008.4582951

M3 - 会议稿件

AN - SCOPUS:51949084082

SN - 9781424417186

T3 - 2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008

SP - 2422

EP - 2426

BT - 2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008

T2 - 2008 3rd IEEE Conference on Industrial Electronics and Applications, ICIEA 2008

Y2 - 3 June 2008 through 5 June 2008

ER -

A novel stochastic modeling method for network security situational awareness

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this