Abstract
In Network Security Situation Awareness (NSSA), topology information of the monitored network constitutes the foundation of the whole NSSA process. This paper presents a novel method for network topology sensing in non-collaborative networks. The proposed method leverages trusted agents and Group Decision Making (GDM) policies to provide more accurate and complete topology information. To ensure the reliability of the proposed approach, the initial trusted agents are regarded as the experts and the GDM process is carried out solely under their control. Additionally, a core topology description ontology is employed to integrate detected information in a more efficient manner. Furthermore, the approach is exemplified through a comparative analysis in a practical network environment comprising of 20 subnets and over 400 nodes. The experimental results demonstrate that compared with previous network topology sensing methods, our method exhibits a relatively higher coverage rate and is more adept at selecting worker agents. Such outcomes lend credence to the possibility that our approach is a useful practice in detecting complex network environments, ultimately contributing to a security analyst’s cognitive perspective of situation awareness.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
HĂĄvard, J.O., Sokratis. K.: Understanding situation awareness in SOCs, a systematic literature review. Comput. Secur. 126, 103069 (2023)
Chen, C., Ye, L., Yu, X.Z., Ding, B.L.: A survey of network security situational awareness technology. In: International Conference on Artificial Intelligence and Security. LNCS, pp. 101–109. Springer, New York (2019)
Endsley, M.R.: Design and evaluation for situation awareness enhancement. In: Proceedings of the Human Factors Society Annual Meeting, pp. 97–101. (1988)
Bass, T.: Multi-sensor data fusion for next generation distributed intrusion detection systems. In: 1999 IRIS National Symposium Draft (1999)
Gutzwiller, R., Dykstra, J., Payne, B.: Gaps and opportunities in situational awareness for cybersecurity. Digital Threats: Res. Pract. 1(3), Article 18. (2020)
Li, D., Hu, Y.K., Xiao, G.Q., Duan, M.X., Li, K.L.: An active defense model based on situational awareness and firewalls. Concurr. Comput.: Pract. Exper. 35(6), e7577 (2023)
Endsley, M.R.: Toward a theory of situation awareness in dynamic systems. Human Factors: J. Human Factors Ergonom. Society. 37(1), 32–64 (1995)
Liu, Z.T., Ding, G.R., Wang, Z., Zheng, S.L., Wu, Q.H.: Cooperative topology sensing of wireless networks with distributed sensors. IEEE Trans. Cogn. Commun. Network. 7(2), 524–540 (2021)
Liu, Z.T., Wang, W., Ding, G.R., Wu, Q.H., Wang, X.B.: Topology sensing of non-collaborative wireless networks with conditional granger causality. IEEE Trans. Netw. Sci. Eng. 9(3), 1501–1515 (2022)
Mohd, W.R.W., Abdullah, L.: Aggregation methods in group decision making: a decade survey. Informatica 41(1), 71–86 (2017)
Zhao, M., Kou, D., Li, L., Lin, M.W.: An incomplete probabilistic linguistic multi-attribute group decision making method based on a three-dimensional trust network. Applied Intelligence. 53, 5029-5-047 (2023)
Zhou, Y.Y., Zheng, C.L., Zhou, L.G., Chen, H.Y.: Selection of a solar water heater for large-scale group decision making with hesitant fuzzy linguistic preference relations based on the best-worst method. Appl. Intell. 53, 4462–4482 (2023)
Morente-Molinera, J.A., Morfeq, A., AI-Hmouz, R., Ashary, E.B., Su, J.F., Herrera-Viedma, E.: Introducing disruption on stagnated group decision making processes using fuzzy ontologies. Appl. Soft Comput. 132, 109868 (2023)
Gong, G.C., Li, K., Zha, Q.B.: A maximum fairness consensus model with limited cost in group decision making. Comput. Indust. Eng. 175, 108891 (2023)
Liu, X., Zhang, Y.Y., Xu, Y.J., Li, M.Q., Herrera-Viedma, E.: A consensus model for group decision-making with personalized individual self-confidence and trust semantics: a perspective on dynamic social network interactions. Inf. Sci. 627, 147–168 (2023)
Bhattacharyya, S., Kalaimani, R.K.: Resilient dynamic average consensus based on trusted agents. arXiv:2303.09171 (2023)
Sangster, P., Narayan, K.: PA-TNC: a posture attribute protocol compatible with trusted network connect. RFC 5792 (2010)
Mountasser, I., Ouhbi, B., Hdioud, F., Frikh, B.: Semantic-based big data integration framework using scalable distributed ontology matching strategy. Distrib. Parallel Databases. 39, 891–937 (2021)
JĂşnior, P.S.S., Barcellos, M.P., Falbo, R.D.A., Almeida, J.P.A.: From a scrum reference ontology to the integration of applications for data-driven software development. Inf. Softw. Technol. 136, 106570 (2021)
Grošelj, P., Dolinar, G.: Group AHP framework based on geometric standard deviation and interval group pairwise comparisons. Inf. Sci. 626, 370–389 (2023)
Fan, R.L., Zhang, H.L., Gao, Y.: The global cooperation in asteroid mining based on AHP, entropy and TOPSIS. Appl. Math. Comput. 437, 127535 (2023)
Acknowledgements
We like to thank to Yujun Li, Minrong Xie, and Yiqiang Zhou for their guidance. The work presented in this paper is supported by the Innovation Funding Plan by Topsec Network Technology Inc.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Wang, Y. et al. (2024). A Novel Network Topology Sensing Method for Network Security Situation Awareness. In: Tari, Z., Li, K., Wu, H. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2023. Lecture Notes in Computer Science, vol 14490. Springer, Singapore. https://doi.org/10.1007/978-981-97-0859-8_5
Download citation
DOI: https://doi.org/10.1007/978-981-97-0859-8_5
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-97-0858-1
Online ISBN: 978-981-97-0859-8
eBook Packages: Computer ScienceComputer Science (R0)