Abstract
Network Security Situation Awareness (NSSA) can provide holistic status to administrator, and most related works rely on real time packet inspection technique to detect the security attacks which are happening and may already have caused some damage. In this paper, we propose the Risk Assessment NSSA model which collects the vulnerabilities information and uses corresponding risk level to qualitatively represent the security situation. This model is easy to apply and conveniently helps the administrator to monitor the whole network and be alerted to possible threat in future.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Tao, H., Zhou, J., Liu, S.: A survey of network security situation awareness in power monitoring system. In: IEEE Conference on Energy Internet and Energy System Integration, pp. 1–3. IEEE, Beijing (2017). https://doi.org/10.1109/ei2.2017.8245487
Singh, M., Bhandari, P.: Building a framework for network security situation awareness. In: International Conference on Computing for Sustainable Global Development, pp. 2578–2583. IEEE, Delhi (2016)
Evangelopoulou, M., Johnson, C.W.: Attack visualisation for cyber-security situation awareness. In: IET International Conference on System Safety and Cyber Security, pp. 1–6. IEEE, London (2015). https://doi.org/10.1109/dese.2016.20
Endsley, M.R.: Design and evaluation for situation awareness enhancement. In: Human Factors Society-32nd Annual Meeting, CA, Santa Monica, pp. 97–101 (1988)
Vlahakis, G., Apostolou, D., Kopanaki, E.: Enabling situation awareness with supply chain event management. Expert Syst. Appl. 93, 86–103 (2018). https://doi.org/10.1016/j.eswa.2017.10.013
Kalloniatis, A., Ali, I., Neville, T., La, P., Macleod, I., Zuparic, M., Kohn, E.: The situation awareness weighted network (SAWN) model and method: theory and application. Appl. Ergon. 61, 178–196 (2017). https://doi.org/10.1016/j.apergo.2017.02.002
Wolf, F., Kuber, R.: Developing a head-mounted tactile prototype to support situational awareness. Int. J. Hum. Comput. Stud. 109, 54–67 (2017). https://doi.org/10.1016/j.ijhcs.2017.08.002
Naderpour, M., Lu, J., Zhang, G.: A situation risk awareness approach for process systems safety. Saf. Sci. 64, 173–189 (2014). https://doi.org/10.1016/j.ssci.2013.12.005
Yong, K.C.: Assessment of operator’s situation awareness for smart operation of mobile cranes. Autom. Constr. 85, 65–75 (2017). https://doi.org/10.1016/j.autcon.2017.10.007
Bass, T., Gruber, D.: A glimpse into the future of ID. In: The Magazine of USENIX & SAGE, vol. 24, pp. 40–45 (1999)
Zhao, D., Liu, J.: Study on network security situation awareness based on particle swarm optimization algorithm. Comput. Ind. Eng. (2018). https://doi.org/10.1016/j.cie.2018.01.006
Zhang, Y., Huang, S., Guo, S., Zhu, J.: Multi-sensor data fusion for cyber security situation awareness. Procedia Environ. Sci. 10, 1029–1034 (2011). https://doi.org/10.1016/j.proenv.2011.09.165
Xu, G., Cao, Y., Ren, Y., Li, X., Feng, Z.: Network security situation awareness based on semantic ontology and user-defined rules for internet of things. IEEE Access 5, 21046–21056 (2017). https://doi.org/10.1109/access.2017.2734681
Endsley, M.R.: Toward a theory of situation awareness in dynamic systems. Hum. Factors 37, 32–64 (1995)
Munir, R., Mufti, M.R., Awan, I., Hu, Y.F., Disso, J.P.: Detection, mitigation and quantitative security risk assessment of invisible attacks at enterprise network. In: 2015 International Conference on Future Internet of Things and Cloud, FiCloud 2015 and 2015 International Conference on Open and Big Data, pp. 256–263. IEEE, Rome (2015). https://doi.org/10.1109/ficloud.2015.24
Mansfield-Devine, S.: Google hacking 101. Netw. Secur. 2009(3), 4–6 (2009). https://doi.org/10.1016/s1353-4858(09)70025-x
Abdelhalim, A., Traore, I.: The impact of Google hacking on identity and application fraud. In: IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, pp. 240–244. IEEE, Victoria (2007). https://doi.org/10.1109/pacrim.2007.4313220
Beaudoin, L., Eng, P.: Asset valuation technique for network management and security. In: IEEE International Conference on Data Mining Workshops 2006, ICDM Workshops, pp. 718–721. IEEE, Hong Kong (2006)
Loloei, I., Shahriari, H.R., Sadeghi, A.: A model for asset valuation in security risk analysis regarding assets’ dependencies. In: 20th Iranian Conference on Electrical Engineering (ICEE2012), pp. 763–768. IEEE, Tehran (2012). https://doi.org/10.1109/iraniancee.2012.6292456
Deng, Y., Sadiq, R., Jiang, W., Tesfamariam, S.: Risk analysis in a linguistic environment: a fuzzy evidential reasoning-based approach. Expert Syst. Appl. 38(12), 15438–15446 (2011). https://doi.org/10.1016/j.eswa.2011.06.018
Sendi, A.S., Jabbarifar, M., Shajari, M., Dagenais, M.: FEMRA: fuzzy expert model for risk assessment. In: Fifth International Conference on Internet Monitoring & Protection, pp. 48–53. IEEE, Barcelona (2010). https://doi.org/10.1109/icimp.2010.15
Acknowledgement
This research is supported by the China Natural Science Foundation (61672433).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, Y., Mu, D. (2019). A Network Security Situation Awareness Model Based on Risk Assessment. In: Krömer, P., Zhang, H., Liang, Y., Pan, JS. (eds) Proceedings of the Fifth Euro-China Conference on Intelligent Data Analysis and Applications. ECC 2018. Advances in Intelligent Systems and Computing, vol 891. Springer, Cham. https://doi.org/10.1007/978-3-030-03766-6_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-03766-6_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03765-9
Online ISBN: 978-3-030-03766-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)