Study on network security situation awareness based on particle swarm optimization algorithm
Introduction
With the wide application of big data, the country's big data resources face various security threats and domestic factors. These data resources concern the national economy, social stability and national security interests; once hostile forces at home or abroad make use of them, the result is data loss, tampering and destruction (the PRISM incident, SONY video), which means that a sovereign state's digital signals can harbor national security loopholes (Ropeik & Gray, 2002). In our country, the security situation in the big data environment is very serious, for three reasons. First, the network infrastructure and the basic hardware and software systems are controlled by others (servers, databases and other related products are subject to foreign monopoly). Second, website and application vulnerabilities and backdoors emerge in an endless stream. Third, network attacks are more abundant: terminal malware and malicious code are one of the main means by which hackers or hostile forces attack big data platforms and steal data.
At present, more and more network attacks start from the terminal; terminal penetration attacks have also become the main form of cyber warfare between countries, and advanced persistent threat (APT) attacks aimed at big data platforms are also very common. Therefore, effective perception, evaluation and prediction of the network security situation in the big data environment is the primary task in securing big data resources.
Research on network security situation assessment has made great progress, but with the advent of the big data era these results show their limitations and shortcomings and can hardly meet the needs of network security in the big data environment. Specifically: first, prediction of the "threat of attack intention path prediction" kind has the defect of lacking motivation prediction. Second, network security situation assessment methods aimed at data protection in the big data environment are lacking. Third, effective methods for evaluating the results of network attack and defence countermeasures are lacking.
Based on the above reasons, this paper studies the technology of network security situation assessment in the big data environment. The innovation points are as follows:
First, the evaluation method for the network security situation in the big data environment: first establish a network security situation evaluation index system for the selection and quantification of factors, then calculate the situation value, thereby building the network security situation assessment system.
Second, the selection and quantification of index factors. In this article, we select multi-source data in the big data environment. To ensure that multi-source data are quantified in a unified way, a parallel attribute reduction algorithm based on an attribute importance matrix is proposed. The fuzzy evaluation method is then used to evaluate the attributes after data reduction, a second reduction is made, and the reduced data are processed to achieve the unification of multi-source data.
Third, for the calculation of the situation value, a method based on particle swarm optimization is proposed. The scheme is: establish the wavelet neural network; determine the position vector of the particle swarm; initialize the position vector of each particle and randomly generate its velocity vector; update each particle's position and velocity, and calculate the fitness value after each iteration; repeat the training until the global optimal fitness value of the particle swarm is less than a predetermined value; finally obtain the global optimal solution and output the calculation of the wavelet neural network.
Related research work
Network security situation factor extraction and security situation assessment are the core contents of network security situational awareness; the research status and problems of these two aspects are as follows.
Network security situational awareness concept
The idea of situation awareness originates in ancient military confrontation, in predicting the enemy's offensive and defensive posture. The technique was first used in space flight, in the study of pilots: by observing the flight scene, the pilot comes to understand the situation and makes timely responses and decisions according to the specific circumstances. This series of activities constitutes the framework of awareness in the pilot's brain, then in the field of
Situation factor extraction based on parallel reduction
Network security situation element extraction is the key to accurately finding abnormal information in the network. Extracting situational factors is in essence an attribute selection process: a reduction algorithm removes the redundant attributes in order to extract the essential factors of network security situation information. Network information completely situational factors has the characteristics of large amount of data and the attribute number and different types of
Network security situation value calculation
The steps of network security situation assessment are as follows: firstly, the network security situation evaluation index system is established, and then the situation value is calculated, thus the network security situation evaluation system is constructed. Based on the established evaluation index system, this paper studies the calculation method of situation value, including two parts: the selection and quantification of index factors and the calculation of situation value.
For the
Fuzzy wavelet neural network model
With fuzzy system theory, uncertain real-world conditions can be expressed as exact numbers in the interval (0, 1); here this is mainly used to convert the uncertain inputs of risk assessment into inputs for the wavelet neural network. Neural networks have self-learning, adaptive and fault-tolerant features (Hou, Wang, Gao, Hou, & Wang, 2017). A wavelet neural network integrates the wavelet transform with a neural network; its basic elements and overall structure are based on the theory of wavelet analysis, can
Fuzzy processing of input layer
The input of a wavelet neural network is quantitative data. In situation assessment for information systems, the situation factor indicators are usually uncertain data, generally described by qualitative methods. For this reason, this paper uses the fuzzy evaluation method to quantify them (Jia et al., 2016, Li et al., 2016). In the model, the input of the fuzzy system is the qualitative situation element indicators, and the output of the fuzzy system is the distribution of situational factors (0, 1) in
Particle swarm optimization algorithm
The particles search and are positioned in a D-dimensional target search space, and finally the optimal solution is found. The population consists of M particles (Zhang, Peng, & Du, 2012). The particle is represented as a vector of D dimensions , whose speed is (i = 1, 2, m). Each particle is substituted into the objective function and its fitness is calculated; the merit of each particle is measured by the size of its fitness. The optimal position of
Wavelet neural network algorithm based on particle swarm optimization
The traditional wavelet neural network has self-learning and adaptive abilities (see Dou, Ji, & Gao, 2016; Dou, Ji, & Gao, 2016; Pan, Deng, & Zhang, 2013; Pan, Deng, & Zhang, 2013, and so on), but it easily falls into local minima, has a low search success rate, a large network training error and slow convergence, and cannot reach the global optimal solution (Yildiz, 2012). This paper uses a particle swarm optimized wavelet neural network, to overcome the shortcomings of
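The training loop described in the introduction's third innovation point and in this section, as an added example (not the paper's code): each particle's position holds all wavelet network parameters, and the swarm iterates until the global best fitness drops below a preset value. The Morlet wavelet, the PSO constants 0.72 and 1.49, the network size, the iteration cap and the sample data are assumptions of this example.

```python
import math
import random

def morlet(t):
    return math.cos(1.75 * t) * math.exp(-t * t / 2.0)  # Morlet mother wavelet (assumed)

def wnn_output(params, x, hidden):
    # Per hidden unit the position vector holds: D input weights, shift, scale, output weight.
    d, y = len(x), 0.0
    for j in range(hidden):
        w = params[j * (d + 3):(j + 1) * (d + 3)]
        net = sum(wi * xi for wi, xi in zip(w, x))
        scale = abs(w[d + 1]) + 0.1            # keep the dilation away from zero
        y += w[d + 2] * morlet((net - w[d]) / scale)
    return y

def fitness(params, data, hidden):
    errs = [wnn_output(params, x, hidden) - t for x, t in data]
    return sum(e * e for e in errs) / len(data)  # mean squared error

def pso_train(data, hidden=4, particles=20, max_iters=200, target=1e-3, seed=7):
    rng = random.Random(seed)
    dim = hidden * (len(data[0][0]) + 3)
    pos = [[rng.uniform(-1, 1) for _ in range(dim)] for _ in range(particles)]
    vel = [[rng.uniform(-0.1, 0.1) for _ in range(dim)] for _ in range(particles)]
    pbest, pfit = [p[:] for p in pos], [fitness(p, data, hidden) for p in pos]
    g = min(range(particles), key=pfit.__getitem__)
    gbest, gfit = pbest[g][:], pfit[g]
    history = [gfit]
    # Stop rule from the text (global best below a preset value), plus an iteration cap.
    while gfit >= target and len(history) <= max_iters:
        for i in range(particles):
            for k in range(dim):               # inertia + cognitive + social terms
                vel[i][k] = (0.72 * vel[i][k]
                             + 1.49 * rng.random() * (pbest[i][k] - pos[i][k])
                             + 1.49 * rng.random() * (gbest[k] - pos[i][k]))
                pos[i][k] += vel[i][k]
            f = fitness(pos[i], data, hidden)
            if f < pfit[i]:
                pbest[i], pfit[i] = pos[i][:], f
            if f < gfit:
                gbest, gfit = pos[i][:], f
        history.append(gfit)
    return gbest, gfit, history

# Constructed sample: three fuzzified indicators in (0, 1) and a labelled situation value.
_r = random.Random(1)
_X = [tuple(_r.random() for _ in range(3)) for _ in range(30)]
SAMPLES = [(x, 0.5 * x[0] + 0.3 * x[1] + 0.2 * x[2]) for x in _X]
```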
Experimental data set and environment
In this paper, the experimental data come from the NSL-KDD data set, a refined version of the KDD99 data set, which contains 41 attributes and 1 tag attribute; the tag attribute takes five types: Probe, DoS, U2R, R2L and Normal. Experimental environment: Microsoft Windows 7 operating system, 500 MHz processor, 512 MB memory. Experimental tools include ROSETTA, MATLAB2010a and WEKA3.9.
Performance index
In this paper, the recall rate and false alarm rate (as the evaluation index of detection
Conclusion
In this paper, the evaluation of network security situation in large data environment is studied. The method of situational factor extraction and situation value calculation is put forward and validated.
For situational factor extraction, by analysing the factors of the network security situation, a parallel reduction algorithm based on the attribute importance matrix is presented; this method solves the problem that the classical rough set model can only handle small amounts of static data in the
Acknowledgements
The authors would like to thank the reviewers for their detailed reviews and constructive comments, which have helped improve the quality of this study. This work was supported in part by The National Natural Science Fund under Grant No. 61672206 and supported in part by Hebei Science Supported Planning Projects No. 17K50703D and No. 15214706D.
References (30)
- et al. Bayesian networks for enterprise risk assessment. Physica A: Statistical Mechanics and its Applications (2007)
- et al. Indirect adaptive fuzzy wavelet neural network with self-recurrent consequent part for AC servo system. ISA Transactions (2017)
- et al. A situation assessment method for rock burst based on multi-agent information fusion. Computers & Electrical Engineering (2015)
- et al. A novel attribute reduction algorithm based on rough set and improved artificial fish swarm algorithm. Neurocomputing (2016)
- A new hybrid particle swarm optimization approach for structural design optimization in automotive industry. Journal of Automobile Engineering (2012)
- Moth-flame optimization algorithm to determine optimal machining parameters in manufacturing processes. Materials Testing (2017)
- et al. Optimization of thin-wall structures using hybrid gravitational search and Nelder-Mead algorithm. Materials Testing (2016)
- Bass, T. (1999). Multisensor data fusion for next generation distributed intrusion detection...
- et al. Structural design of vehicle components using gravitational search and charged system search algorithms. Materials Testing (2016)
- A comparative investigation of eight recent population-based optimisation algorithms for mechanical and structural design problems. International Journal of Vehicle Design (2017)
- Quantitative hierarchical threat evaluation model for network security. Journal of Software
- Situation element extraction of network security based on Logistic Regression and Improved Particle Swarm Optimization