Abstract
With the continuous expansion of the network scale, network technology is also constantly developing. However, with the continuous deterioration of the security environment, the problem of network safety is improving. The traditional single security method has greatly improved the network’s stability, but due to the lack of effective cooperation, it becomes increasingly difficult to understand the state changes of the entire network at all times. In such a large environment, research on network security situational awareness can obtain theoretical value and has certain application prospects. The current understanding of cybersecurity situational awareness is not deep enough. Most cases are built in a single-source environment and cannot accurately reflect the perception of attack phases and sequences. To solve this problem, a new model of network safety situation awareness based on multisource data fusion was proposed. The model can effectively perceive the attack stages and sequences and provide an early warning, which is of great importance to improve the network security situation awareness and maintain the network security environment. On the basis of extracting the degree of dissimilarity, in this paper, the fusion-based method is used to generate the attack trajectory, thus forming the multisource data fusion and reconstruction algorithm and finally forming the network security situational awareness model. Compared with the single-source data fusion and reconstruction algorithm, this method has better performance. The final result shows that when the original number of alarms was 1237, after multisource data fusion, the number of alarms was reduced to 124. Moreover, on the basis of multisource data fusion, the detection rate of the number of alarms reached 86.67%, which was 26.67% higher than that of single-source data fusion; the false alarm rate was 5.63%, which was 1.19% lower than that of single-source data fusion. In addition, when using the trajectory reconstruction method to reconstruct the trajectory, the accuracy of the multisource data fusion algorithm was also 1.18% higher than that of the single source, and the completeness also increased by 2.53% compared with the single source. Therefore, the proposed algorithm has higher efficiency, and it is helpful to establish and study the network safety situation consciousness model.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Data availability
The data that support the findings of this study are available from the corresponding author upon reasonable request.
References
Kou G, Wang S, Tang G (2019) Research on key technologies of network security situational awareness for attack tracking prediction. Chin J Electron 28(01):166–175
Zhang J, Jia Y, Zhu D, Hu W, Tang Z (2019) Study on the situational awareness system of mine fire rescue using faster ross girshick-convolutional neural network. IEEE Intell Syst 35(1):54–61
Husak M, Komarkova J, Bou-Harb E, Celeda P (2019) Survey of attack projection, prediction, and forecasting in cyber security. Commun Surv Tutor IEEE 21(1):640–660
Mahendiran A, Appusamy R (2018) An intrusion detection system for network security situational awareness using conditional random fields. Int J Intell Eng Syst 11(3):196–204
Huang C, Wang C (2018) Network security situation awareness based on the optimized dynamic wavelet neural network. Int J Netw Secur 20(3):593–600
Rosa FD, Jousselme AL, Gloria AD (2018) A reliability game for source factors and situational awareness experimentation. Int J Serious Games 5(2):45–64
Alnusair A, Zhong C, Rawashdeh M, Hossain MS, Alamri A (2017) Context-aware multimodal recommendations of multimedia data in cyber situational awareness. Multimed Tools Appl 76(21):1–21
Yu G (2020) Research on computer network information security based on improved machine learning. J Intell Fuzzy Syst 40(3):1–12
Xi R, Yun X, Hao Z (2019) Framework for risk assessment in cyber situational awareness. IET Inf Secur 13(2):149–156
Mallik V, Jah MK (2019) Reconciling space object observed and solar pressure albedo-areas via astrometric and photometric data fusion. Adv Space Res 63(1):404–416
Gorham CL (2020) Developing enterprise cyber situational awareness. Int J Manag Inf Technol 12(3):1–8
Zhang B (2017) Chaotic time series prediction based on the fusion of multi-source collaborative data feature constraints. Acta Technica CSAV (Ceskoslovensk Akademie Ved) 62(1):325–336
Kodituwakku H, Keller A, Gregor J (2020) InSight2: a modular visual analysis platform for network situational awareness in large-scale networks. Electronics 9(10):1747–1747
Nikoloudakis Y, Kefaloukos I, Klados S, Panagiotakis S, Markakis EK (2021) Towards a machine learning based situational awareness framework for cybersecurity: an SDN implementation. Sensors 21(14):4939–4939
Almeida RB, Junes VC, Machado R (2019) A distributed event-driven architectural model based on situational awareness applied on internet of things. Inf Softw Technol 111:144–158
Sivaraman K, Arumugam P (2018) CA comparative study of different network security aspects with NSSA. Int J Pure Appl Math 119(12):9601–9608
Park M, Han J, Oh H (2019) Threat assessment for android environment with connectivity to IoT devices from the perspective of situational awareness. Wirel Commun Mob Comput 2019(4):1–14
Peterman K (2018) BATTLESPACE Businessman of the Year 2018. Battlespace C4ISTAR Technologies 21(3):8–9
Ukwandu E, Farah M, Hindy H (2020) A review of cyber-ranges and test-beds: current and future trends. Sensors 20(24):7148–7148
Varga S, Brynielsson J, Franke U (2021) Cyber-threat perception and risk management in the Swedish financial sector. Comput Secur 105(1):102239–102239
Funding
The author(s) received no financial support for the research, authorship, and/or publication of this article.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that there are no conflicts of interest regarding the publication of this article.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Li, X., Zhong, Y. Exploration of a network security situational awareness model based on multisource data fusion. Neural Comput & Applic 35, 25083–25095 (2023). https://doi.org/10.1007/s00521-023-08500-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00521-023-08500-5