A hierarchical P2P model and a data fusion method for network security situation awareness system

  • Computer Science
Wuhan University Journal of Natural Sciences

Abstract

A hierarchical peer-to-peer (P2P) model and a data fusion method for a network security situation awareness system are proposed to improve the efficiency of a distributed security behavior monitoring network. The P2P model avoids a single point of failure among the data analysis nodes and uses a greedy data forwarding method, based on node priority and link delay, to improve the efficiency of those nodes. A data fusion method based on repulsive theory-Dempster/Shafer (PSORT-DS) is used to deal with the challenge of multi-source alarm information; this method lowers the false alarm rate. Compared with the improved Dempster/Shafer (DS) theoretical method based on particle swarm optimization (PSO) and the classical DS evidence theoretical method, the proposed model reduces the false alarm rate by 3% and 7%, respectively, and increases the detection rate by 4% and 16%, respectively.

Author information

Corresponding author

Correspondence to Fangfang Guo.

Additional information

Foundation item: Supported by the National Natural Science Foundation of China (61370212), the Research Fund for the Doctoral Program of Higher Education of China (20122304130002), the Natural Science Foundation of Heilongjiang Province (ZD 201102), and the Fundamental Research Fund for the Central Universities (HEUCFZ1213, HEUCF100601)

Biography: GUO Fangfang, male, Associate professor, Ph.D., research direction: network and information security, mobile peer-to-peer network and the Internet of things.

Cite this article

Guo, F., Hu, Y., Xiu, L. et al. A hierarchical P2P model and a data fusion method for network security situation awareness system. Wuhan Univ. J. Nat. Sci. 21, 126–132 (2016). https://doi.org/10.1007/s11859-016-1148-7

  • DOI: https://doi.org/10.1007/s11859-016-1148-7
