Network Security Threat Situation Evaluation Based on Fusion Decision and Spread Analysis

Provided by: Science & Engineering Research Support soCiety (SERSC)
Topic: Security
Format: PDF
Most situation evaluation methods suffer from the false positives and false negatives of detection systems seriously, without considering authorization and dependence relationships, unable to reflect indirect threats, and whose assessment results guide dynamic defense poorly. Upon these problems, an evaluation method whose core consists of multi-source fusion decision, threat spread analysis and attack intention guess is presented. First, the decision-level fusion of multi-source detection logs and attack alerts is introduced to improve detection rate or reduce false alarm rate.

Find By Topic