Abstract
In large-scale networks, the state space grows explosively and changes dynamically, which makes situational awareness data difficult to collect and analyze. We therefore construct an adaptive situational awareness model in the spatio-temporal dimensions. In the spatial dimension, vulnerability threats are assessed through attack graphs combined with Shapley values, and they are dynamically quantified by updating the reachability probability of state nodes in real time. In the temporal dimension, a game model is established by analyzing the nodes of the vulnerability attack graph; it dynamically adjusts the observation frequency of high-risk vulnerabilities and focuses on the security status characteristics of high-risk assets. Experimental results show that our proposal integrates the security features of both the spatial and temporal dimensions. The method focuses better on high-risk vulnerabilities and accurately reflects dynamic changes in the network security situation, ensuring timeliness and accuracy in network security detection.
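To make the spatial-dimension idea concrete, the following Python example is added here; it is not the authors' code and does not reproduce their exact formulation. It assumes a small constructed attack graph, made-up exploit probabilities, and a characteristic function equal to the target's reachability probability under a noisy-OR combination of independent exploits, then attributes that probability to each vulnerability with exact Shapley values.

```python
from itertools import combinations
from math import factorial

# Constructed attack graph: (source state, target state) -> (vulnerability, exploit probability).
# Node names, vulnerability ids and probabilities are assumptions for illustration.
EDGES = {
    ("internet", "web"): ("V1", 0.8),
    ("internet", "vpn"): ("V2", 0.3),
    ("web", "db"): ("V3", 0.5),
    ("vpn", "db"): ("V4", 0.9),
}
ORDER = ["internet", "web", "vpn", "db"]  # topological order of the state nodes

def reach_probability(present, target="db", entry="internet"):
    """Probability that `target` is reached when only the vulnerabilities in
    `present` exist. Assumption: independent exploits combined by noisy-OR."""
    p = {node: 0.0 for node in ORDER}
    p[entry] = 1.0
    for node in ORDER:
        if node == entry:
            continue
        miss = 1.0  # probability that no incoming exploit succeeds
        for (src, dst), (vuln, prob) in EDGES.items():
            if dst == node and vuln in present:
                miss *= 1.0 - p[src] * prob
        p[node] = 1.0 - miss
    return p[target]

def shapley_values(value=reach_probability):
    """Exact Shapley value of each vulnerability for the coalition game `value`."""
    vulns = sorted(v for v, _ in EDGES.values())
    n = len(vulns)
    phi = {}
    for v in vulns:
        others = [u for u in vulns if u != v]
        total = 0.0
        for k in range(n):
            # Weight of a coalition of size k that does not contain v.
            weight = factorial(k) * factorial(n - k - 1) / factorial(n)
            for coalition in combinations(others, k):
                s = set(coalition)
                total += weight * (value(s | {v}) - value(s))
        phi[v] = total
    return phi

def ranked_threats():
    """Vulnerabilities ordered from highest to lowest Shapley threat share."""
    phi = shapley_values()
    return sorted(phi, key=lambda v: (-phi[v], v))
```

Changing a probability in `EDGES` and calling `shapley_values()` again re-quantifies every vulnerability against the updated reachability, which is the kind of real-time update the abstract describes.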
Acknowledgement
This research was supported by the National Natural Science Foundation of China under Grant Nos. 61672206 and 61572170, the Central Guide Local Science and Technology Development Fund Project (216Z0701G), the S&T Program of Hebei under Grant Nos. 18210109D, 20310701D, 20310802D and 21310101D, and the National Cultural and Tourism Science and Technology Innovation Project (2020).
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Zhang, H., Xu, Y., Liu, B., Zhao, D., Bai, Y. (2024). Large-Scale Network Adaptive Situation Awareness Method in Spatio-Temporal Dimension. In: Jin, H., Pan, Y., Lu, J. (eds) Computer Networks and IoT. IAIC 2023. Communications in Computer and Information Science, vol 2060. Springer, Singapore. https://doi.org/10.1007/978-981-97-1332-5_6
DOI: https://doi.org/10.1007/978-981-97-1332-5_6
Publisher Name: Springer, Singapore
Print ISBN: 978-981-97-1331-8
Online ISBN: 978-981-97-1332-5
eBook Packages: Computer Science (R0)