Abstract
Confront the evaluation quality problems caused by high data dimension and imbalance between positive and negative samples in the network security situation, this paper proposes a new situation assessment method based on the MHSA-FL model. Firstly, the model references multiple self-attention weight matrices to learn data information in different subspaces, which promotes the ability to extract key features of the global context. Secondly, the model introduces the Focal Loss function to reduce the weight of natural flow samples in training, which effectively mines attack samples that account for a small proportion of network data. Finally, a situation quantification method based on the network attack influence factor is proposed, which calculates the network security situation value in a period through a sliding time window, and realizes the quantitative evaluation of the network security situation. This paper conducts a situation assessment experiment on the MHSA-FL model on the open network security data set CIC-IDS2018. Experimental results show that the MHSA-FL model improves the F1 value by 2%–5% compared with other models.
Supported by organization Advanced Discipline Construction Project of Beijing Universities.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
An, N.N., Thanh, N.Q., Liu, Y.: Deep CNNs with self-attention for speaker identification. IEEE Access 7, 85327–85337 (2019)
Bass, T.: Intrusion detection systems and multisensor data fusion. Commun. ACM 43(4), 99–105 (2000)
Bazrafkan, M.H., Gharaee, H., Enayati, A.: National cyber situation awareness model. In: 2018 9th International Symposium on Telecommunications (IST), pp. 216–220. IEEE (2018)
Chang, J., Zhang, X., Ye, M., Huang, D., Wang, P., Yao, C.: Brain tumor segmentation based on 3D Unet with multi-class focal loss. In: 2018 11th International Congress on Image and Signal Processing, BioMedical Engineering and Informatics (CISP-BMEI), pp. 1–5. IEEE (2018). https://doi.org/10.1109/CISP-BMEI.2018.8633056
Cheng, Z., Yan, C., Wu, F., Wang, J.: Drug-target interaction prediction using multi-head self-attention and graph attention network. IEEE/ACM Trans. Comput. Biol. Bioinform. 1 (2021). https://doi.org/10.1109/TCBB.2021.3077905
Cinque, M., Della Corte, R., Pecchia, A.: Contextual filtering and prioritization of computer application logs for security situational awareness. Future Gener. Comput. Syst. 111, 668–680 (2020)
Debatty, T., Mees, W.: Building a cyber range for training cyberdefense situation awareness. In: 2019 International Conference on Military Communications and Information Systems (ICMCIS), pp. 1–6. IEEE (2019)
Devlin, J., Chang, M.W., Lee, K., Toutanova, K.: BERT: pre-training of deep bidirectional transformers for language understanding. arXiv preprint arXiv:1810.04805 (2018)
Doi, K., Iwasaki, A.: The effect of focal loss in semantic segmentation of high resolution aerial image. In: IGARSS 2018–2018 IEEE International Geoscience and Remote Sensing Symposium, pp. 6919–6922. IEEE (2018). https://doi.org/10.1109/IGARSS.2018.8519409
Eckhart, M., Ekelhart, A., Weippl, E.: Enhancing cyber situational awareness for cyber-physical systems through digital twins. In: 2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1222–1225. IEEE (2019)
Endsley, M.R.: Design and evaluation for situation awareness enhancement. In: Proceedings of the Human Factors Society Annual Meeting, vol. 32, pp. 97–101. Sage Publications, Los Angeles (1988)
Fang, W., Yao, X., Zhao, X., Yin, J., Xiong, N.: A stochastic control approach to maximize profit on service provisioning for mobile cloudlet platforms. IEEE Trans. Syst. Man Cybern. Syst. 48(4), 522–534 (2016)
Huang, S., Liu, A., Zhang, S., Wang, T., Xiong, N.: BD-VTE: a novel baseline data based verifiable trust evaluation scheme for smart network systems. IEEE Trans. Netw. Sci. Eng. 8(3), 2087–2105 (2020)
Kuang, H., Li, Z., Ma, X., Liu, X.: Location sensitive regression algorithm for multi-oriented scene text detection with focal loss. In: 2019 11th International Conference on Measuring Technology and Mechatronics Automation (ICMTMA), pp. 462–466. IEEE (2019). https://doi.org/10.1109/ICMTMA.2019.00108
Le-yi, S., Jia, L., Yi-hao, L., Hong-qiang, Z., Peng-fei, D.: Survey of research on network security situation awareness. Comput. Eng. Appl. 055(024), 1–9 (2019)
Lin, T.Y., Goyal, P., Girshick, R., He, K., Dollár, P.: Focal loss for dense object detection. In: Proceedings of the IEEE International Conference on Computer Vision, pp. 2980–2988 (2017)
Lotfy, M., Shubair, R.M., Navab, N., Albarqouni, S.: Investigation of focal loss in deep learning models for femur fractures classification. In: 2019 International Conference on Electrical and Computing Technologies and Applications (ICECTA), pp. 1–4. IEEE (2019). https://doi.org/10.1109/ICECTA48151.2019.8959770
Qu, Y., Xiong, N.: RFH: a resilient, fault-tolerant and high-efficient replication algorithm for distributed cloud storage. In: 2012 41st International Conference on Parallel Processing, pp. 520–529. IEEE (2012)
Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization, vol. 1, pp. 108–116 (2018)
Smith, S.E.: Tightening the net: examining and demonstrating commonly available network security tools. Ph.D. thesis, Submitted to the Faculty of the Department of Computing and Mathematical (2012)
Vaswani, A., et al.: Attention is all you need. In: Advances in Neural Information Processing Systems, pp. 5998–6008 (2017)
Wang, H., Tu, M.: Enhancing attention models via multi-head collaboration. In: 2020 International Conference on Asian Language Processing (IALP), pp. 19–23. IEEE (2020). https://doi.org/10.1109/IALP51396.2020.9310460
Wang, Z., Yao, K., Li, X., Fang, S.: Multi-resolution multi-head attention in deep speaker embedding. In: ICASSP 2020–2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), pp. 6464–6468. IEEE (2020). https://doi.org/10.1109/ICASSP40776.2020.9053217
Xi, R.R., Yun, X.C., Zhang, Y.Z., Hao, Z.Y.: An improved quantitative evaluation method for network security. Chin. J. Comput. 38(4), 749–758 (2015)
Zhang, Q., Zhou, C., Tian, Y.C., Xiong, N., Qin, Y., Hu, B.: A fuzzy probability Bayesian network approach for dynamic cybersecurity risk assessment in industrial control systems. IEEE Trans. Ind. Inform. 14(6), 2497–2506 (2017)
Zhao, L.: Research on network security situation assessment and prediction based on neural network. Ph.D. thesis, Northwest University (2020)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Zhang, K., Jiang, X., Yu, X., Feng, L. (2022). Network Security Situation Assessment Method Based on MHSA-FL Model. In: Cao, C., Zhang, Y., Hong, Y., Wang, D. (eds) Frontiers in Cyber Security. FCS 2021. Communications in Computer and Information Science, vol 1558. Springer, Singapore. https://doi.org/10.1007/978-981-19-0523-0_13
Download citation
DOI: https://doi.org/10.1007/978-981-19-0523-0_13
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-0522-3
Online ISBN: 978-981-19-0523-0
eBook Packages: Computer ScienceComputer Science (R0)