Advertisement

A Network Security Situation Awareness Model Based on Risk Assessment

  • Yixian Liu
  • Dejun Mu
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 891)

Abstract

Network Security Situation Awareness (NSSA) can provide holistic status to administrator, and most related works rely on real time packet inspection technique to detect the security attacks which are happening and may already have caused some damage. In this paper, we propose the Risk Assessment NSSA model which collects the vulnerabilities information and uses corresponding risk level to qualitatively represent the security situation. This model is easy to apply and conveniently helps the administrator to monitor the whole network and be alerted to possible threat in future.

Keywords

Network security Situation Awareness Risk assessment Vulnerability 

Notes

Acknowledgement

This research is supported by the China Natural Science Foundation (61672433).

References

  1. 1.
    Tao, H., Zhou, J., Liu, S.: A survey of network security situation awareness in power monitoring system. In: IEEE Conference on Energy Internet and Energy System Integration, pp. 1–3. IEEE, Beijing (2017).  https://doi.org/10.1109/ei2.2017.8245487
  2. 2.
    Singh, M., Bhandari, P.: Building a framework for network security situation awareness. In: International Conference on Computing for Sustainable Global Development, pp. 2578–2583. IEEE, Delhi (2016)Google Scholar
  3. 3.
    Evangelopoulou, M., Johnson, C.W.: Attack visualisation for cyber-security situation awareness. In: IET International Conference on System Safety and Cyber Security, pp. 1–6. IEEE, London (2015).  https://doi.org/10.1109/dese.2016.20
  4. 4.
    Endsley, M.R.: Design and evaluation for situation awareness enhancement. In: Human Factors Society-32nd Annual Meeting, CA, Santa Monica, pp. 97–101 (1988)CrossRefGoogle Scholar
  5. 5.
    Vlahakis, G., Apostolou, D., Kopanaki, E.: Enabling situation awareness with supply chain event management. Expert Syst. Appl. 93, 86–103 (2018).  https://doi.org/10.1016/j.eswa.2017.10.013CrossRefGoogle Scholar
  6. 6.
    Kalloniatis, A., Ali, I., Neville, T., La, P., Macleod, I., Zuparic, M., Kohn, E.: The situation awareness weighted network (SAWN) model and method: theory and application. Appl. Ergon. 61, 178–196 (2017).  https://doi.org/10.1016/j.apergo.2017.02.002CrossRefGoogle Scholar
  7. 7.
    Wolf, F., Kuber, R.: Developing a head-mounted tactile prototype to support situational awareness. Int. J. Hum. Comput. Stud. 109, 54–67 (2017).  https://doi.org/10.1016/j.ijhcs.2017.08.002CrossRefGoogle Scholar
  8. 8.
    Naderpour, M., Lu, J., Zhang, G.: A situation risk awareness approach for process systems safety. Saf. Sci. 64, 173–189 (2014).  https://doi.org/10.1016/j.ssci.2013.12.005CrossRefGoogle Scholar
  9. 9.
    Yong, K.C.: Assessment of operator’s situation awareness for smart operation of mobile cranes. Autom. Constr. 85, 65–75 (2017).  https://doi.org/10.1016/j.autcon.2017.10.007CrossRefGoogle Scholar
  10. 10.
    Bass, T., Gruber, D.: A glimpse into the future of ID. In: The Magazine of USENIX & SAGE, vol. 24, pp. 40–45 (1999)Google Scholar
  11. 11.
    Zhao, D., Liu, J.: Study on network security situation awareness based on particle swarm optimization algorithm. Comput. Ind. Eng. (2018).  https://doi.org/10.1016/j.cie.2018.01.006CrossRefGoogle Scholar
  12. 12.
    Zhang, Y., Huang, S., Guo, S., Zhu, J.: Multi-sensor data fusion for cyber security situation awareness. Procedia Environ. Sci. 10, 1029–1034 (2011).  https://doi.org/10.1016/j.proenv.2011.09.165CrossRefGoogle Scholar
  13. 13.
    Xu, G., Cao, Y., Ren, Y., Li, X., Feng, Z.: Network security situation awareness based on semantic ontology and user-defined rules for internet of things. IEEE Access 5, 21046–21056 (2017).  https://doi.org/10.1109/access.2017.2734681CrossRefGoogle Scholar
  14. 14.
    Endsley, M.R.: Toward a theory of situation awareness in dynamic systems. Hum. Factors 37, 32–64 (1995)CrossRefGoogle Scholar
  15. 15.
    Munir, R., Mufti, M.R., Awan, I., Hu, Y.F., Disso, J.P.: Detection, mitigation and quantitative security risk assessment of invisible attacks at enterprise network. In: 2015 International Conference on Future Internet of Things and Cloud, FiCloud 2015 and 2015 International Conference on Open and Big Data, pp. 256–263. IEEE, Rome (2015).  https://doi.org/10.1109/ficloud.2015.24
  16. 16.
    Mansfield-Devine, S.: Google hacking 101. Netw. Secur. 2009(3), 4–6 (2009).  https://doi.org/10.1016/s1353-4858(09)70025-xCrossRefGoogle Scholar
  17. 17.
    Abdelhalim, A., Traore, I.: The impact of Google hacking on identity and application fraud. In: IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, pp. 240–244. IEEE, Victoria (2007).  https://doi.org/10.1109/pacrim.2007.4313220
  18. 18.
    Beaudoin, L., Eng, P.: Asset valuation technique for network management and security. In: IEEE International Conference on Data Mining Workshops 2006, ICDM Workshops, pp. 718–721. IEEE, Hong Kong (2006)Google Scholar
  19. 19.
    Loloei, I., Shahriari, H.R., Sadeghi, A.: A model for asset valuation in security risk analysis regarding assets’ dependencies. In: 20th Iranian Conference on Electrical Engineering (ICEE2012), pp. 763–768. IEEE, Tehran (2012).  https://doi.org/10.1109/iraniancee.2012.6292456
  20. 20.
    Deng, Y., Sadiq, R., Jiang, W., Tesfamariam, S.: Risk analysis in a linguistic environment: a fuzzy evidential reasoning-based approach. Expert Syst. Appl. 38(12), 15438–15446 (2011).  https://doi.org/10.1016/j.eswa.2011.06.018CrossRefGoogle Scholar
  21. 21.
    Sendi, A.S., Jabbarifar, M., Shajari, M., Dagenais, M.: FEMRA: fuzzy expert model for risk assessment. In: Fifth International Conference on Internet Monitoring & Protection, pp. 48–53. IEEE, Barcelona (2010).  https://doi.org/10.1109/icimp.2010.15

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.School of AutomationNorthwestern Polytechnical UniversityXi’anChina

Personalised recommendations