Retracted: Network Security Awareness Modeling Based on Data Mining Method

  • Yunhong Guo
  • Guangyao Lu
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 224)


In this paper, we analyze the present problems and put forward a network security situation awareness framework based on data mining. The framework consists of the modeling of the network security situation and the whole process of generating the network security situation. We describe a formal model for constructing the network security situation measurement based on D-S evidence theory. Frequent patterns and sequence patterns are extracted from the network security situation data using a knowledge discovery method, the patterns are converted into correlation rules for the network security situation, and the network security situation graph is generated automatically.


Keywords: Network security, Situation awareness, Data mining



Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. Zhengzhou Railway Vocational and Technical College, Zhengzhou, Henan
